diff options
author | Brian Smith <brian@briansmith.org> | 2016-01-18 09:12:57 +0300 |
---|---|---|
committer | David Benjamin <davidben@google.com> | 2016-01-26 02:05:04 +0300 |
commit | 7cae9f5b6cf48c00997865226241a902a17f861a (patch) | |
tree | fad0f444cb3c2d6b73567e324e0c4dbd3d93277c /crypto | |
parent | 34749f47da6106fce8ac80d6a85e780a7cf22834 (diff) |
Use |alignas| for alignment.
MSVC doesn't have stdalign.h and so doesn't support |alignas| in C
code. Define |alignas(x)| as a synonym for |__decltype(align(x))|
instead for it.
This also fixes -Wcast-qual warnings in rsaz_exp.c.
Change-Id: Ifce9031724cb93f5a4aa1f567e7af61b272df9d5
Reviewed-on: https://boringssl-review.googlesource.com/6924
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/bn/rsaz_exp.c | 49 | ||||
-rw-r--r-- | crypto/chacha/chacha_vec.c | 7 | ||||
-rw-r--r-- | crypto/cipher/e_chacha20poly1305.c | 13 | ||||
-rw-r--r-- | crypto/ec/p256-x86_64-table.h | 7 | ||||
-rw-r--r-- | crypto/ec/p256-x86_64.c | 15 | ||||
-rw-r--r-- | crypto/internal.h | 9 | ||||
-rw-r--r-- | crypto/poly1305/poly1305_arm.c | 4 | ||||
-rw-r--r-- | crypto/poly1305/poly1305_test.cc | 12 | ||||
-rw-r--r-- | crypto/poly1305/poly1305_vec.c | 11 |
9 files changed, 55 insertions, 72 deletions
diff --git a/crypto/bn/rsaz_exp.c b/crypto/bn/rsaz_exp.c index c8027520..30f08e5f 100644 --- a/crypto/bn/rsaz_exp.c +++ b/crypto/bn/rsaz_exp.c @@ -48,6 +48,9 @@ #include <openssl/mem.h> +#include "../internal.h" + + /* * See crypto/bn/asm/rsaz-avx2.pl for further details. */ @@ -58,42 +61,30 @@ void rsaz_1024_scatter5_avx2(void *tbl,const void *val,int i); void rsaz_1024_gather5_avx2(void *val,const void *tbl,int i); void rsaz_1024_red2norm_avx2(void *norm,const void *red); -#if defined(__GNUC__) -# define ALIGN64 __attribute__((aligned(64))) -#elif defined(_MSC_VER) -# define ALIGN64 __declspec(align(64)) -#elif defined(__SUNPRO_C) -# define ALIGN64 -# pragma align 64(one,two80) -#else -# define ALIGN64 /* not fatal, might hurt performance a little */ -#endif - -ALIGN64 static const BN_ULONG one[40] = +alignas(64) static const BN_ULONG one[40] = {1,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; -ALIGN64 static const BN_ULONG two80[40] = +alignas(64) static const BN_ULONG two80[40] = {0,0,1<<22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16], const BN_ULONG base_norm[16], const BN_ULONG exponent[16], const BN_ULONG m_norm[16], const BN_ULONG RR[16], BN_ULONG k0) { - unsigned char storage[320*3+32*9*16+64]; /* 5.5KB */ - unsigned char *p_str = storage + (64-((size_t)storage%64)); + alignas(64) uint8_t storage[(320 * 3) + (32 * 9 * 16)]; /* 5.5KB */ unsigned char *a_inv, *m, *result, - *table_s = p_str+320*3, + *table_s = storage + (320 * 3), *R2 = table_s; /* borrow */ int index; int wvalue; - if ((((size_t)p_str&4095)+320)>>12) { - result = p_str; - a_inv = p_str + 320; - m = p_str + 320*2; /* should not cross page */ + if (((((uintptr_t)storage & 4095) + 320) >> 12) != 0) { + result = storage; + a_inv = storage + 320; + m = storage + (320 * 2); /* should not cross page */ } else { - m = p_str; /* should not cross page */ - result = p_str + 320; - a_inv = p_str + 320*2; + m = storage; /* should not cross page */ + result = storage + 320; + a_inv = storage + (320 * 2); } rsaz_1024_norm2red_avx2(m, m_norm); @@ -224,8 +215,9 @@ void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16], rsaz_1024_scatter5_avx2(table_s,result,31); #endif + const uint8_t *p_str = (const uint8_t *)exponent; + /* load first window */ - p_str = (unsigned char*)exponent; wvalue = p_str[127] >> 3; rsaz_1024_gather5_avx2(result,table_s,wvalue); @@ -235,7 +227,7 @@ void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16], rsaz_1024_sqr_avx2(result, result, m, k0, 5); - wvalue = *((unsigned short*)&p_str[index/8]); + wvalue = *((const unsigned short*)&p_str[index / 8]); wvalue = (wvalue>> (index%8)) & 31; index-=5; @@ -274,11 +266,10 @@ void RSAZ_512_mod_exp(BN_ULONG result[8], const BN_ULONG base[8], const BN_ULONG exponent[8], const BN_ULONG m[8], BN_ULONG k0, const BN_ULONG RR[8]) { - unsigned char storage[16*8*8+64*2+64]; /* 1.2KB */ - unsigned char *table = storage + (64-((size_t)storage%64)); + alignas(64) uint8_t storage[(16*8*8) + (64 * 2)]; /* 1.2KB */ + unsigned char *table = storage; BN_ULONG *a_inv = (BN_ULONG *)(table+16*8*8), *temp = (BN_ULONG *)(table+16*8*8+8*8); - unsigned char *p_str = (unsigned char*)exponent; int index; unsigned int wvalue; @@ -300,6 +291,8 @@ void RSAZ_512_mod_exp(BN_ULONG result[8], for (index=3; index<16; index++) rsaz_512_mul_scatter4(temp, a_inv, m, k0, table, index); + const uint8_t *p_str = (const uint8_t *)exponent; + /* load first window */ wvalue = p_str[63]; diff --git a/crypto/chacha/chacha_vec.c b/crypto/chacha/chacha_vec.c index 79ec9412..1de59ff6 100644 --- a/crypto/chacha/chacha_vec.c +++ b/crypto/chacha/chacha_vec.c @@ -25,6 +25,9 @@ #include <openssl/chacha.h> +#include "../internal.h" + + #if defined(ASM_GEN) || \ !defined(OPENSSL_WINDOWS) && \ (defined(OPENSSL_X86_64) || defined(OPENSSL_X86)) && defined(__SSE2__) @@ -163,10 +166,10 @@ void CRYPTO_chacha_20( const unsigned *kp = (const unsigned *)key; #if defined(__ARM_NEON__) uint32_t np[3]; - uint8_t alignment_buffer[16] __attribute__((aligned(16))); + alignas(16) uint8_t alignment_buffer[16]; #endif vec s0, s1, s2, s3; - __attribute__ ((aligned (16))) unsigned chacha_const[] = + alignas(16) unsigned chacha_const[] = {0x61707865,0x3320646E,0x79622D32,0x6B206574}; #if defined(__ARM_NEON__) memcpy(np, nonce, 12); diff --git a/crypto/cipher/e_chacha20poly1305.c b/crypto/cipher/e_chacha20poly1305.c index f3849500..de8c9b4b 100644 --- a/crypto/cipher/e_chacha20poly1305.c +++ b/crypto/cipher/e_chacha20poly1305.c @@ -23,6 +23,7 @@ #include <openssl/poly1305.h> #include "internal.h" +#include "../internal.h" #define POLY1305_TAG_LEN 16 @@ -79,12 +80,6 @@ static void poly1305_update_length(poly1305_state *poly1305, size_t data_len) { CRYPTO_poly1305_update(poly1305, length_bytes, sizeof(length_bytes)); } -#if defined(__arm__) -#define ALIGNED __attribute__((aligned(16))) -#else -#define ALIGNED -#endif - typedef void (*aead_poly1305_update)(poly1305_state *ctx, const uint8_t *ad, size_t ad_len, const uint8_t *ciphertext, size_t ciphertext_len); @@ -98,7 +93,7 @@ static void aead_poly1305(aead_poly1305_update update, const uint8_t nonce[12], const uint8_t *ad, size_t ad_len, const uint8_t *ciphertext, size_t ciphertext_len) { - uint8_t poly1305_key[32] ALIGNED; + alignas(16) uint8_t poly1305_key[32]; memset(poly1305_key, 0, sizeof(poly1305_key)); CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key), c20_ctx->key, nonce, 0); @@ -139,7 +134,7 @@ static int seal_impl(aead_poly1305_update poly1305_update, CRYPTO_chacha_20(out, in, in_len, c20_ctx->key, nonce, 1); - uint8_t tag[POLY1305_TAG_LEN] ALIGNED; + alignas(16) uint8_t tag[POLY1305_TAG_LEN]; aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, out, in_len); memcpy(out + in_len, tag, c20_ctx->tag_len); @@ -173,7 +168,7 @@ static int open_impl(aead_poly1305_update poly1305_update, } plaintext_len = in_len - c20_ctx->tag_len; - uint8_t tag[POLY1305_TAG_LEN] ALIGNED; + alignas(16) uint8_t tag[POLY1305_TAG_LEN]; aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, in, plaintext_len); if (CRYPTO_memcmp(tag, in + plaintext_len, c20_ctx->tag_len) != 0) { diff --git a/crypto/ec/p256-x86_64-table.h b/crypto/ec/p256-x86_64-table.h index 5b3254cc..e4705f8e 100644 --- a/crypto/ec/p256-x86_64-table.h +++ b/crypto/ec/p256-x86_64-table.h @@ -24,12 +24,7 @@ * in order to increase the chances of using a large page but that appears to * lead to invalid ELF files being produced. */ -#if defined(__GNUC__) -__attribute((aligned(4096))) -#elif defined(_MSC_VER) -__declspec(align(4096)) -#endif -static const BN_ULONG +static const alignas(4096) BN_ULONG ecp_nistz256_precomputed[37][64 * sizeof(P256_POINT_AFFINE) / sizeof(BN_ULONG)] = { {TOBN(0x79e730d4, 0x18a9143c), TOBN(0x75ba95fc, 0x5fedb601), diff --git a/crypto/ec/p256-x86_64.c b/crypto/ec/p256-x86_64.c index 2f7023d6..2972483e 100644 --- a/crypto/ec/p256-x86_64.c +++ b/crypto/ec/p256-x86_64.c @@ -39,15 +39,6 @@ !defined(OPENSSL_SMALL) -#if defined(__GNUC__) -#define ALIGN(x) __attribute((aligned(x))) -#elif defined(_MSC_VER) -#define ALIGN(x) __declspec(align(x)) -#else -#define ALIGN(x) -#endif - -#define ALIGNPTR(p, N) ((uint8_t *)p + N - (size_t)p % N) #define P256_LIMBS (256 / BN_BITS2) typedef struct { @@ -245,7 +236,7 @@ static int ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r, /* A |P256_POINT| is (3 * 32) = 96 bytes, and the 64-byte alignment should * add no more than 63 bytes of overhead. Thus, |table| should require * ~1599 ((96 * 16) + 63) bytes of stack space. */ - ALIGN(64) P256_POINT table[16]; + alignas(64) P256_POINT table[16]; uint8_t p_str[33]; @@ -326,7 +317,7 @@ static int ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r, ecp_nistz256_point_add(&row[16 - 1], &row[15 - 1], &row[1 - 1]); BN_ULONG tmp[P256_LIMBS]; - ALIGN(32) P256_POINT h; + alignas(32) P256_POINT h; unsigned index = 255; unsigned wvalue = p_str[(index - 1) / 8]; wvalue = (wvalue >> ((index - 1) % 8)) & kMask; @@ -390,7 +381,7 @@ static int ecp_nistz256_points_mul( static const unsigned kWindowSize = 7; static const unsigned kMask = (1 << (7 /* kWindowSize */ + 1)) - 1; - ALIGN(32) union { + alignas(32) union { P256_POINT p; P256_POINT_AFFINE a; } t, p; diff --git a/crypto/internal.h b/crypto/internal.h index bf45349e..fe4ed731 100644 --- a/crypto/internal.h +++ b/crypto/internal.h @@ -112,6 +112,15 @@ #include <openssl/ex_data.h> #include <openssl/thread.h> +#if defined(_MSC_VER) +#if !defined(__cplusplus) || _MSC_VER < 1900 +#define alignas(x) __declspec(align(x)) +#define alignof __alignof +#endif +#else +#include <stdalign.h> +#endif + #if defined(OPENSSL_NO_THREADS) #elif defined(OPENSSL_WINDOWS) #pragma warning(push, 3) diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c index 5e78dc06..82876e18 100644 --- a/crypto/poly1305/poly1305_arm.c +++ b/crypto/poly1305/poly1305_arm.c @@ -21,6 +21,8 @@ #include <string.h> +#include "../internal.h" + typedef struct { uint32_t v[12]; /* for alignment; only using 10 */ @@ -170,7 +172,7 @@ static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x, } } -static const fe1305x2 zero __attribute__((aligned(16))); +static const alignas(16) fe1305x2 zero; struct poly1305_state_st { uint8_t data[sizeof(fe1305x2[5]) + 128]; diff --git a/crypto/poly1305/poly1305_test.cc b/crypto/poly1305/poly1305_test.cc index 3a726683..cae30a42 100644 --- a/crypto/poly1305/poly1305_test.cc +++ b/crypto/poly1305/poly1305_test.cc @@ -20,17 +20,10 @@ #include <openssl/crypto.h> #include <openssl/poly1305.h> +#include "../internal.h" #include "../test/file_test.h" -// |CRYPTO_poly1305_finish| requires a 16-byte-aligned output. -#if defined(OPENSSL_WINDOWS) -// MSVC doesn't support C++11 |alignas|. -#define ALIGNED __declspec(align(16)) -#else -#define ALIGNED alignas(16) -#endif - static bool TestPoly1305(FileTest *t, void *arg) { std::vector<uint8_t> key, in, mac; if (!t->GetBytes(&key, "Key") || @@ -47,7 +40,8 @@ static bool TestPoly1305(FileTest *t, void *arg) { poly1305_state state; CRYPTO_poly1305_init(&state, key.data()); CRYPTO_poly1305_update(&state, in.data(), in.size()); - ALIGNED uint8_t out[16]; + // |CRYPTO_poly1305_finish| requires a 16-byte-aligned output. + alignas(16) uint8_t out[16]; CRYPTO_poly1305_finish(&state, out); if (!t->ExpectBytesEqual(out, 16, mac.data(), mac.size())) { t->PrintLine("Single-shot Poly1305 failed."); diff --git a/crypto/poly1305/poly1305_vec.c b/crypto/poly1305/poly1305_vec.c index 3235b58b..4a826cc2 100644 --- a/crypto/poly1305/poly1305_vec.c +++ b/crypto/poly1305/poly1305_vec.c @@ -20,12 +20,13 @@ #include <openssl/poly1305.h> +#include "../internal.h" + #if !defined(OPENSSL_WINDOWS) && defined(OPENSSL_X86_64) #include <emmintrin.h> -#define ALIGN(x) __attribute__((aligned(x))) /* inline is not a keyword in C89. */ #define INLINE #define U8TO64_LE(m) (*(const uint64_t *)(m)) @@ -35,11 +36,11 @@ typedef __m128i xmmi; typedef unsigned __int128 uint128_t; -static const uint32_t ALIGN(16) poly1305_x64_sse2_message_mask[4] = { +static const alignas(16) uint32_t poly1305_x64_sse2_message_mask[4] = { (1 << 26) - 1, 0, (1 << 26) - 1, 0}; -static const uint32_t ALIGN(16) poly1305_x64_sse2_5[4] = {5, 0, 5, 0}; -static const uint32_t ALIGN(16) poly1305_x64_sse2_1shl128[4] = {(1 << 24), 0, - (1 << 24), 0}; +static const alignas(16) uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0}; +static const alignas(16) uint32_t poly1305_x64_sse2_1shl128[4] = { + (1 << 24), 0, (1 << 24), 0}; static uint128_t INLINE add128(uint128_t a, uint128_t b) { return a + b; } |