/*
 * Maximum size for a RSA modulus (in bits). Allocated stack buffers
 * depend on that size, so this value should be kept small. Currently,
 * 2048-bit RSA keys offer adequate security, and should still do so for
 * the next few decades; however, a number of widespread PKI have
 * already set their root keys to RSA-4096, so we should be able to
 * process such keys.
 *
 * This value MUST be a multiple of 64. This value MUST NOT exceed 47666
 * (some computations in RSA key generation rely on the factor size being
 * no more than 23833 bits). RSA key sizes beyond 3072 bits don't make a
 * lot of sense anyway.
 *
 * Review notes:
 *  - Unlike the detection macros further down (BR_64, BR_AES_X86NI,
 *    BR_USE_URANDOM, ...), this define is not wrapped in an '#ifndef'
 *    guard, so it cannot be overridden from the compiler command line;
 *    a conflicting '-D' value would be a macro redefinition diagnostic.
 *  - 4096 bits is 512 bytes per modulus-sized buffer. BR_MAX_RSA_FACTOR
 *    below is derived from this constant, so raising it grows every
 *    stack buffer sized by either macro.
 */
#define BR_MAX_RSA_SIZE 4096
/*
 * Minimum size for a RSA modulus (in bits); this value is used only to
 * filter out invalid parameters for key pair generation. Normally,
 * applications should not use RSA keys smaller than 2048 bits; but some
 * specific cases might need shorter keys, for legacy or research
 * purposes.
 *
 * Review note: this is a parameter-validation floor for key generation,
 * not a security recommendation; 512-bit moduli are far below current
 * practice. Like BR_MAX_RSA_SIZE, the define has no '#ifndef' guard, so
 * a stricter floor requires editing this header rather than passing a
 * '-D' option.
 */
#define BR_MIN_RSA_SIZE 512
/*
 * Maximum size for a RSA factor (in bits). This is for RSA private-key
 * operations. Default is to support factors up to a bit more than half
 * the maximum modulus size.
 *
 * This value MUST be a multiple of 32.
 *
 * With BR_MAX_RSA_SIZE = 4096 this evaluates to 2080. The multiple-of-32
 * requirement holds automatically whenever BR_MAX_RSA_SIZE respects its
 * own multiple-of-64 rule: (64k + 64) >> 1 == 32(k + 1). Changing this
 * expression independently of BR_MAX_RSA_SIZE would break that link.
 */
#define BR_MAX_RSA_FACTOR ((BR_MAX_RSA_SIZE + 64) >> 1)
/*
 * Maximum size for an EC curve (modulus or order), in bits. Size of
 * stack buffers depends on that parameter. This size MUST be a multiple
 * of 8 (so that decoding an integer with that many bytes does not
 * overflow).
 *
 * 528 bits is 66 bytes: enough to hold a 521-bit value (a P-521 field
 * element or scalar) with a few bits to spare, and 528 / 8 == 66 so the
 * multiple-of-8 rule is met. No '#ifndef' guard, so the value is fixed
 * at header level rather than configurable from the build.
 */
#define BR_MAX_EC_SIZE 528
/*
 * Some macros to recognize the current architecture. Right now, we are
 * interested into automatically recognizing architecture with efficient
 * 64-bit types so that we may automatically use implementations that
 * use 64-bit registers in that case. Future versions may detect, e.g.,
 * availability of SSE2 intrinsics.
 *
 * If 'unsigned long' is a 64-bit type, then we assume that 64-bit types
 * are efficient. Otherwise, we rely on macros that depend on compiler,
 * OS and architecture. In any case, failure to detect the architecture
 * as 64-bit means that the 32-bit code will be used, and that code
 * works also on 64-bit architectures (the 64-bit code may simply be
 * more efficient).
 *
 * The test on 'unsigned long' should already catch most cases, the one
 * notable exception being Windows code where 'unsigned long' is kept to
 * 32-bit for compatibility with all the legacy code that liberally uses
 * the 'DWORD' type for 32-bit values.
 *
 * Macro names are taken from: http://nadeausoftware.com/articles/2012/02/c_c_tip_how_detect_processor_type_using_compiler_predefined_macros
 *
 * Review notes:
 *  - The '#ifndef BR_64' guard means the build can force the choice
 *    with '-DBR_64=1' or '-DBR_64=0'; the detection below is skipped
 *    in both cases.
 *  - The ULONG_MAX test only works if <limits.h> has been included
 *    before this point. An undefined identifier in '#if' evaluates to
 *    0, so a missing include does not fail the build: the comparison
 *    is silently false and detection falls through to the per-compiler
 *    macros. The double shift by 31 (rather than one shift by 62)
 *    keeps the expression valid even when the preprocessor's 'unsigned
 *    long' is only 32 bits wide.
 *  - Detection is purely compile-time; a 32-bit build running on a
 *    64-bit CPU still selects the 32-bit code, which per the comment
 *    above is correct, just slower.
 */
#ifndef BR_64
#if ((ULONG_MAX >> 31) >> 31) == 3
#define BR_64 1
#elif defined(__ia64) || defined(__itanium__) || defined(_M_IA64)
#define BR_64 1
#elif defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) \
|| defined(__64BIT__) || defined(_LP64) || defined(__LP64__)
#define BR_64 1
#elif defined(__sparc64__)
#define BR_64 1
#elif defined(__x86_64__) || defined(_M_X64)
#define BR_64 1
#elif defined(__aarch64__) || defined(_M_ARM64)
#define BR_64 1
#elif defined(__mips64)
#define BR_64 1
#endif
#endif
/*
 * Set BR_LOMUL on platforms where it makes sense.
 *
 * BR_ARMEL_CORTEXM_GCC is not defined in this header; it is expected to
 * come from the build configuration (compiler command line). When it is
 * absent, '#if' evaluates it as 0 and BR_LOMUL stays undefined. The
 * '#ifndef' guard also allows '-DBR_LOMUL=1' or '-DBR_LOMUL=0' to
 * override this logic.
 */
#ifndef BR_LOMUL
#if BR_ARMEL_CORTEXM_GCC
#define BR_LOMUL 1
#endif
#endif
/*
 * Architecture detection.
 *
 * BR_i386 and BR_amd64 flag 32-bit and 64-bit x86 respectively; the
 * intrinsics checks (BR_AES_X86NI, BR_SSE2, BR_RDRAND) test
 * '(BR_i386 || BR_amd64)'. Note the tests here use the bare macro value
 * ('#if __x86_64__ || _M_X64') rather than 'defined(...)' as in the
 * BR_64 block, so they rely on the compiler defining these macros to a
 * nonzero value — which GCC/Clang (1) and MSC (a version number) do.
 * Both macros are '#ifndef'-guarded and can be forced from the build.
 */
#ifndef BR_i386
#if __i386__ || _M_IX86
#define BR_i386 1
#endif
#endif
#ifndef BR_amd64
#if __x86_64__ || _M_X64
#define BR_amd64 1
#endif
#endif
/*
* Compiler brand and version.
*
* Implementations that use intrinsics need to detect the compiler type
* and version because some specific actions may be needed to activate
* the corresponding opcodes, both for header inclusion, and when using
* them in a function.
*
* BR_GCC, BR_CLANG and BR_MSC will be set to 1 for, respectively, GCC,
* Clang and MS Visual C. For each of them, sub-macros will be defined
* for versions; each sub-macro is set whenever the compiler version is
* at least as recent as the one corresponding to the macro.
*/
/*
* GCC thresholds are on versions 4.4 to 4.9 and 5.0.
/*
 * MSC version cascade: each version macro implies every older one
 * (2015 => 2013 => 2012 => 2010 => 2008 => 2005), matching the
 * "at least as recent as" meaning documented for the compiler version
 * sub-macros. The order of the '#if' tests matters: each one reads the
 * macro that the previous test may have just defined. BR_MSC_2015 itself
 * is expected to be set by the compiler-version test that precedes this
 * cascade.
 */
#if BR_MSC_2015
#define BR_MSC_2013 1
#endif
#if BR_MSC_2013
#define BR_MSC_2012 1
#endif
#if BR_MSC_2012
#define BR_MSC_2010 1
#endif
#if BR_MSC_2010
#define BR_MSC_2008 1
#endif
#if BR_MSC_2008
#define BR_MSC_2005 1
#endif
#endif
#endif
/*
 * GCC 4.4+ and Clang 3.7+ allow tagging specific functions with a
 * 'target' attribute that activates support for specific opcodes.
 *
 * BR_TARGET(x) expands to the attribute on those compilers and to
 * nothing elsewhere (including MSC, whose intrinsics headers do not
 * need a per-function target attribute). Code using BR_TARGET must
 * therefore stay valid when the macro is empty.
 */
#if BR_GCC_4_4 || BR_CLANG_3_7
#define BR_TARGET(x) __attribute__((target(x)))
#else
#define BR_TARGET(x)
#endif
/*
 * AES-NI intrinsics are available on x86 (32-bit and 64-bit) with
 * GCC 4.8+, Clang 3.7+ and MSC 2012+.
 *
 * This is a compile-time statement about the compiler, not about the
 * CPU the binary will run on: BR_AES_X86NI only says the intrinsics can
 * be emitted. Whether the processor actually supports AES-NI has to be
 * checked at runtime by the code that selects the implementation
 * (presumably via CPUID; not shown here). '#ifndef'-guarded, so
 * '-DBR_AES_X86NI=0' disables the intrinsics build unconditionally.
 */
#ifndef BR_AES_X86NI
#if (BR_i386 || BR_amd64) && (BR_GCC_4_8 || BR_CLANG_3_7 || BR_MSC_2012)
#define BR_AES_X86NI 1
#endif
#endif
/*
 * SSE2 intrinsics are available on x86 (32-bit and 64-bit) with
 * GCC 4.4+, Clang 3.7+ and MSC 2005+.
 *
 * Compiler availability only; runtime CPU support is a separate check
 * made by the code that uses these intrinsics. The compiler thresholds
 * are lower than for AES-NI (GCC 4.4 vs 4.8, MSC 2005 vs 2012) because
 * SSE2 support predates AES-NI. '#ifndef'-guarded for build override.
 */
#ifndef BR_SSE2
#if (BR_i386 || BR_amd64) && (BR_GCC_4_4 || BR_CLANG_3_7 || BR_MSC_2005)
#define BR_SSE2 1
#endif
#endif
/*
 * RDRAND intrinsics are available on x86 (32-bit and 64-bit) with
 * GCC 4.6+, Clang 3.7+ and MSC 2012+.
 *
 * As with BR_AES_X86NI this only means the compiler can emit the
 * instruction; the CPU feature must still be detected at runtime before
 * RDRAND output is relied on as an entropy source. '#ifndef'-guarded,
 * so a build that does not want RDRAND can pass '-DBR_RDRAND=0'.
 */
#ifndef BR_RDRAND
#if (BR_i386 || BR_amd64) && (BR_GCC_4_6 || BR_CLANG_3_7 || BR_MSC_2012)
#define BR_RDRAND 1
#endif
#endif
/*
 * Determine type of OS for random number generation. Macro names and
 * values are documented on:
 * https://sourceforge.net/p/predef/wiki/OperatingSystems/
 *
 * Win32's CryptGenRandom() should be available on Windows systems.
 *
 * /dev/urandom should work on all Unix-like systems (including macOS X).
 *
 * getentropy() is present on Linux (Glibc 2.25+), FreeBSD (12.0+) and
 * OpenBSD (5.6+). For OpenBSD, there does not seem to be easy to use
 * macros to test the minimum version, so we just assume that it is
 * recent enough (last version without getentropy() has gone out of
 * support in May 2015).
 *
 * Ideally we should use getentropy() on macOS (10.12+) too, but I don't
 * know how to test the exact OS version with preprocessor macros.
 *
 * TODO: enrich the list of detected system.
 */
/*
 * BR_USE_URANDOM: the /dev/urandom seeder is considered available on the
 * listed Unix-like systems. '__linux__' matches every Linux toolchain
 * (glibc, musl, Android), so this is also the path taken on Linux
 * builds where BR_USE_GETENTROPY below is not set. Note that the list
 * is an allow-list: an unrecognized Unix (see the TODO above) gets no
 * seeder unless the build passes '-DBR_USE_URANDOM=1' explicitly.
 */
#ifndef BR_USE_URANDOM
#if defined _AIX \
|| defined __ANDROID__ \
|| defined __FreeBSD__ \
|| defined __NetBSD__ \
|| defined __OpenBSD__ \
|| defined __DragonFly__ \
|| defined __linux__ \
|| (defined __sun && (defined __SVR4 || defined __svr4__)) \
|| (defined __APPLE__ && defined __MACH__)
#define BR_USE_URANDOM 1
#endif
#endif
/*
 * BR_USE_GETENTROPY: getentropy() is assumed to exist on glibc 2.25+,
 * FreeBSD 12+ and any OpenBSD.
 *
 * Review notes:
 *  - __GLIBC__ and __GLIBC_MINOR__ are provided by glibc's <features.h>,
 *    which is pulled in by any glibc system header. If no system header
 *    has been included before this point, both are undefined, evaluate
 *    to 0 in '#if', and the glibc branch is silently false even on a
 *    new glibc.
 *  - The same evaluation makes the Linux branch false on non-glibc
 *    toolchains (musl, bionic), even where getentropy() exists; those
 *    builds fall back to BR_USE_URANDOM, which is also set for
 *    '__linux__' above.
 *  - On Linux, FreeBSD and OpenBSD both BR_USE_URANDOM and
 *    BR_USE_GETENTROPY may end up defined; which seeder is preferred is
 *    decided by the code that consumes these macros, not here.
 *  - '#ifndef'-guarded, so '-DBR_USE_GETENTROPY=1' is the way to enable
 *    it on a platform this test does not recognize.
 */
#ifndef BR_USE_GETENTROPY
#if (defined __linux__ \
&& (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 25))) \
|| (defined __FreeBSD__ && __FreeBSD__ >= 12) \
|| defined __OpenBSD__
#define BR_USE_GETENTROPY 1
#endif
#endif
/*
 * BR_USE_WIN32_RAND: on Windows (32- or 64-bit) the Win32 CryptGenRandom()
 * seeder is assumed available. _WIN64 builds also define _WIN32, so the
 * second test is belt-and-braces. '#ifndef'-guarded for build override.
 */
#ifndef BR_USE_WIN32_RAND
#if defined _WIN32 || defined _WIN64
#define BR_USE_WIN32_RAND 1
#endif
#endif
/*
* POWER8 crypto support. We rely on compiler macros for the
* architecture, since we do not have a reliable, simple way to detect
* the required support at runtime (we could try running an opcode, and
* trapping the exception or signal on illegal instruction, but this
* induces some non-trivial OS dependencies that we would prefer to
* avoid if possible).
*/
#ifndef BR_POWER8
#if __GNUC__ && ((_ARCH_PWR8 || _ARCH_PPC) && __CRYPTO__)
#define BR_POWER8 1
#endif