[openssl-commits] [openssl] master update

Andy Polyakov appro at openssl.org
Sat Feb 24 13:15:21 UTC 2018


The branch master has been updated
       via  6afed267db47a8aa604a3a9e78ac72efa02363df (commit)
       via  11a9eacde99f6333707b2399054d66ebbc0eb2a9 (commit)
       via  ae1ffe0f65c460ccdfe5153b96fe9943d7a171b8 (commit)
      from  e8c42b9888f53ac60f92221da309dc5a2b007cc3 (commit)


- Log -----------------------------------------------------------------
commit 6afed267db47a8aa604a3a9e78ac72efa02363df
Author: Andy Polyakov <appro at openssl.org>
Date:   Fri Feb 23 13:55:37 2018 +0100

    ec/ecp_nistp{224,256,521}.c: harmonize usage of __uint128_t.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5449)

commit 11a9eacde99f6333707b2399054d66ebbc0eb2a9
Author: Andy Polyakov <appro at openssl.org>
Date:   Fri Feb 23 13:37:06 2018 +0100

    {ec/curve25519,poly1305/poly1305}.c: relax pedantic constraint.
    
    As it turns out, gcc -pedantic doesn't seem to consider __uint128_t
    non-standard, unlike __int128, which it does.
    
    Fix even MSVC warnings in curve25519.c.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5449)

commit ae1ffe0f65c460ccdfe5153b96fe9943d7a171b8
Author: Andy Polyakov <appro at openssl.org>
Date:   Fri Feb 23 13:20:33 2018 +0100

    ec/curve448: portability fixups.
    
    The SPARC condition in the __SIZEOF_INT128__==16 check is a performance
    matter rather than a portability one. Even though the compiler advertises
    int128 capability, the corresponding operations are inefficient, because
    they are not directly backed by the instruction set.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5449)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ec/curve25519.c             | 135 ++++++++++++++++++-------------------
 crypto/ec/curve448/curve448.c      |   2 +-
 crypto/ec/curve448/curve448utils.h |   3 +-
 crypto/ec/ecp_nistp224.c           |   4 +-
 crypto/ec/ecp_nistp256.c           |   4 +-
 crypto/ec/ecp_nistp521.c           |   4 +-
 crypto/poly1305/poly1305.c         |   5 +-
 7 files changed, 78 insertions(+), 79 deletions(-)

diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
index f354107..45525f4 100644
--- a/crypto/ec/curve25519.c
+++ b/crypto/ec/curve25519.c
@@ -12,9 +12,8 @@
 #include <openssl/sha.h>
 
 #if defined(X25519_ASM) \
-    || ( !defined(PEDANTIC) && \
-         !defined(__sparc__) && \
-         (defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16) )
+    || ( (defined(__SIZEOF_INT128__) && __SIZEOF_INT128__ == 16) \
+         && !defined(__sparc__) )
 /*
  * Base 2^51 implementation.
  */
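Review bot: The `!defined(__sparc__)` term in the new condition carries no explanation in the source, so a later reader can easily take it for a correctness or portability guard and either remove it or copy it elsewhere for the wrong reason. The commit message says it is purely a performance choice; that belongs next to the condition, e.g. `/* SPARC compilers advertise int128, but the operations are not backed by the instruction set; prefer the 32-bit path there */`. The same undocumented term is added to the `C448_WORD_BITS` selection in the curve448utils.h hunk. The `#if` block opened here continues outside the hunk.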
@@ -22,7 +21,7 @@
 
 typedef uint64_t fe51[5];
 # if !defined(X25519_ASM)
-typedef unsigned __int128 u128;
+typedef __uint128_t u128;
 # endif
 
 static const uint64_t MASK51 = 0x7ffffffffffff;
@@ -101,38 +100,38 @@ static void fe51_tobytes(uint8_t *s, const fe51 h)
                     h4 &= MASK51;
 
     /* smash */
-    s[0] = h0 >> 0;
-    s[1] = h0 >> 8;
-    s[2] = h0 >> 16;
-    s[3] = h0 >> 24;
-    s[4] = h0 >> 32;
-    s[5] = h0 >> 40;
-    s[6] = (h0 >> 48) | ((uint32_t)h1 << 3);
-    s[7] = h1 >> 5;
-    s[8] = h1 >> 13;
-    s[9] = h1 >> 21;
-    s[10] = h1 >> 29;
-    s[11] = h1 >> 37;
-    s[12] = (h1 >> 45) | ((uint32_t)h2 << 6);
-    s[13] = h2 >> 2;
-    s[14] = h2 >> 10;
-    s[15] = h2 >> 18;
-    s[16] = h2 >> 26;
-    s[17] = h2 >> 34;
-    s[18] = h2 >> 42;
-    s[19] = (h2 >> 50) | ((uint32_t)h3 << 1);
-    s[20] = h3 >> 7;
-    s[21] = h3 >> 15;
-    s[22] = h3 >> 23;
-    s[23] = h3 >> 31;
-    s[24] = h3 >> 39;
-    s[25] = (h3 >> 47) | ((uint32_t)h4 << 4);
-    s[26] = h4 >> 4;
-    s[27] = h4 >> 12;
-    s[28] = h4 >> 20;
-    s[29] = h4 >> 28;
-    s[30] = h4 >> 36;
-    s[31] = h4 >> 44;
+    s[0] = (uint8_t)(h0 >> 0);
+    s[1] = (uint8_t)(h0 >> 8);
+    s[2] = (uint8_t)(h0 >> 16);
+    s[3] = (uint8_t)(h0 >> 24);
+    s[4] = (uint8_t)(h0 >> 32);
+    s[5] = (uint8_t)(h0 >> 40);
+    s[6] = (uint8_t)((h0 >> 48) | ((uint32_t)h1 << 3));
+    s[7] = (uint8_t)(h1 >> 5);
+    s[8] = (uint8_t)(h1 >> 13);
+    s[9] = (uint8_t)(h1 >> 21);
+    s[10] = (uint8_t)(h1 >> 29);
+    s[11] = (uint8_t)(h1 >> 37);
+    s[12] = (uint8_t)((h1 >> 45) | ((uint32_t)h2 << 6));
+    s[13] = (uint8_t)(h2 >> 2);
+    s[14] = (uint8_t)(h2 >> 10);
+    s[15] = (uint8_t)(h2 >> 18);
+    s[16] = (uint8_t)(h2 >> 26);
+    s[17] = (uint8_t)(h2 >> 34);
+    s[18] = (uint8_t)(h2 >> 42);
+    s[19] = (uint8_t)((h2 >> 50) | ((uint32_t)h3 << 1));
+    s[20] = (uint8_t)(h3 >> 7);
+    s[21] = (uint8_t)(h3 >> 15);
+    s[22] = (uint8_t)(h3 >> 23);
+    s[23] = (uint8_t)(h3 >> 31);
+    s[24] = (uint8_t)(h3 >> 39);
+    s[25] = (uint8_t)((h3 >> 47) | ((uint32_t)h4 << 4));
+    s[26] = (uint8_t)(h4 >> 4);
+    s[27] = (uint8_t)(h4 >> 12);
+    s[28] = (uint8_t)(h4 >> 20);
+    s[29] = (uint8_t)(h4 >> 28);
+    s[30] = (uint8_t)(h4 >> 36);
+    s[31] = (uint8_t)(h4 >> 44);
 }
 
 # ifdef X25519_ASM
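Review bot: The 32 added `(uint8_t)` casts make the narrowing explicit, but the only comment above them is still `/* smash */`, which does not say that dropping the upper bits is intended or that it relies on the limbs already being reduced. I would expand it to something like `/* smash: pack the five 51-bit limbs into 32 little-endian bytes; each (uint8_t) cast keeps only the low byte on purpose */`. The same applies to the fe_tobytes hunk further down. If h0..h9 there are signed (their declarations are outside the hunk), its comment should also state that they are non-negative after the carry chain, so the right shifts are well defined. Both function bodies start outside their hunks.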
@@ -888,38 +887,38 @@ static void fe_tobytes(uint8_t *s, const fe h) {
    * evidently 2^255 h10-2^255 q = 0.
    * Goal: Output h0+...+2^230 h9.  */
 
-  s[0] = h0 >> 0;
-  s[1] = h0 >> 8;
-  s[2] = h0 >> 16;
-  s[3] = (h0 >> 24) | ((uint32_t)(h1) << 2);
-  s[4] = h1 >> 6;
-  s[5] = h1 >> 14;
-  s[6] = (h1 >> 22) | ((uint32_t)(h2) << 3);
-  s[7] = h2 >> 5;
-  s[8] = h2 >> 13;
-  s[9] = (h2 >> 21) | ((uint32_t)(h3) << 5);
-  s[10] = h3 >> 3;
-  s[11] = h3 >> 11;
-  s[12] = (h3 >> 19) | ((uint32_t)(h4) << 6);
-  s[13] = h4 >> 2;
-  s[14] = h4 >> 10;
-  s[15] = h4 >> 18;
-  s[16] = h5 >> 0;
-  s[17] = h5 >> 8;
-  s[18] = h5 >> 16;
-  s[19] = (h5 >> 24) | ((uint32_t)(h6) << 1);
-  s[20] = h6 >> 7;
-  s[21] = h6 >> 15;
-  s[22] = (h6 >> 23) | ((uint32_t)(h7) << 3);
-  s[23] = h7 >> 5;
-  s[24] = h7 >> 13;
-  s[25] = (h7 >> 21) | ((uint32_t)(h8) << 4);
-  s[26] = h8 >> 4;
-  s[27] = h8 >> 12;
-  s[28] = (h8 >> 20) | ((uint32_t)(h9) << 6);
-  s[29] = h9 >> 2;
-  s[30] = h9 >> 10;
-  s[31] = h9 >> 18;
+  s[0] = (uint8_t)(h0 >> 0);
+  s[1] = (uint8_t)(h0 >> 8);
+  s[2] = (uint8_t)(h0 >> 16);
+  s[3] = (uint8_t)((h0 >> 24) | ((uint32_t)(h1) << 2));
+  s[4] = (uint8_t)(h1 >> 6);
+  s[5] = (uint8_t)(h1 >> 14);
+  s[6] = (uint8_t)((h1 >> 22) | ((uint32_t)(h2) << 3));
+  s[7] = (uint8_t)(h2 >> 5);
+  s[8] = (uint8_t)(h2 >> 13);
+  s[9] = (uint8_t)((h2 >> 21) | ((uint32_t)(h3) << 5));
+  s[10] = (uint8_t)(h3 >> 3);
+  s[11] = (uint8_t)(h3 >> 11);
+  s[12] = (uint8_t)((h3 >> 19) | ((uint32_t)(h4) << 6));
+  s[13] = (uint8_t)(h4 >> 2);
+  s[14] = (uint8_t)(h4 >> 10);
+  s[15] = (uint8_t)(h4 >> 18);
+  s[16] = (uint8_t)(h5 >> 0);
+  s[17] = (uint8_t)(h5 >> 8);
+  s[18] = (uint8_t)(h5 >> 16);
+  s[19] = (uint8_t)((h5 >> 24) | ((uint32_t)(h6) << 1));
+  s[20] = (uint8_t)(h6 >> 7);
+  s[21] = (uint8_t)(h6 >> 15);
+  s[22] = (uint8_t)((h6 >> 23) | ((uint32_t)(h7) << 3));
+  s[23] = (uint8_t)(h7 >> 5);
+  s[24] = (uint8_t)(h7 >> 13);
+  s[25] = (uint8_t)((h7 >> 21) | ((uint32_t)(h8) << 4));
+  s[26] = (uint8_t)(h8 >> 4);
+  s[27] = (uint8_t)(h8 >> 12);
+  s[28] = (uint8_t)((h8 >> 20) | ((uint32_t)(h9) << 6));
+  s[29] = (uint8_t)(h9 >> 2);
+  s[30] = (uint8_t)(h9 >> 10);
+  s[31] = (uint8_t)(h9 >> 18);
 }
 
 /* h = f */
diff --git a/crypto/ec/curve448/curve448.c b/crypto/ec/curve448/curve448.c
index 7c43a75..8ced622 100644
--- a/crypto/ec/curve448/curve448.c
+++ b/crypto/ec/curve448/curve448.c
@@ -500,7 +500,7 @@ struct smvt_control {
     int power, addend;
 };
 
-#if defined(__GNUC__) || defined(__clang__)
+#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 3))
 # define NUMTRAILINGZEROS	__builtin_ctz
 #else
 # define NUMTRAILINGZEROS	numtrailingzeros
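Review bot: `NUMTRAILINGZEROS` now maps to `__builtin_ctz` under a version test, but nothing here records that the builtin's result is undefined for a zero argument. The fallback `numtrailingzeros` is not visible in this hunk, so the two paths may disagree on that input. A one-line contract above the `#if` would keep callers honest: `/* argument must be non-zero: __builtin_ctz(0) is undefined */`. It would also help to note why the bound is gcc 3.4, presumably the first release providing the builtin, so the magic numbers in the condition are not guessed at later. The `#else` branch continues past the end of the hunk.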
diff --git a/crypto/ec/curve448/curve448utils.h b/crypto/ec/curve448/curve448utils.h
index 4af2c3f..9bf8379 100644
--- a/crypto/ec/curve448/curve448utils.h
+++ b/crypto/ec/curve448/curve448utils.h
@@ -23,7 +23,8 @@
  * with arch_arm32.
  */
 # ifndef C448_WORD_BITS
-#  if defined(__SIZEOF_INT128__) && (__SIZEOF_INT128__ == 16)
+#  if (defined(__SIZEOF_INT128__) && (__SIZEOF_INT128__ == 16)) \
+      && !defined(__sparc__)
 #   define C448_WORD_BITS 64      /* The number of bits in a word */
 #  else
 #   define C448_WORD_BITS 32      /* The number of bits in a word */
diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index 9a9b8a4..9896727 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -40,12 +40,12 @@ NON_EMPTY_TRANSLATION_UNIT
 # include <openssl/err.h>
 # include "ec_lcl.h"
 
-# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
   /* even with gcc, the typedef won't work for 32-bit platforms */
 typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
                                  * platforms */
 # else
-#  error "Need GCC 3.1 or later to define type uint128_t"
+#  error "Need GCC 4.0 or later to define type uint128_t"
 # endif
 
 typedef uint8_t u8;
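Review bot: The `#error` text no longer matches the condition that triggers it, because the test is now `__SIZEOF_INT128__==16` rather than a GCC version check. A 32-bit build with any GCC version, or a non-GCC compiler without the macro, will be told to upgrade to "GCC 4.0", which will not help. As far as I know `__SIZEOF_INT128__` is also only predefined by GCC releases later than 4.0, so the stated version looks inaccurate; worth confirming. I would reword it to name the real requirement, `#  error "Need a compiler with 128-bit integer support (__SIZEOF_INT128__ == 16)"`. The retained comment "even with gcc, the typedef won't work for 32-bit platforms" could be dropped or updated for the same reason. The identical change is made in the ecp_nistp256.c and ecp_nistp521.c hunks.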
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index d8f7e8a..6381efa 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -41,13 +41,13 @@ NON_EMPTY_TRANSLATION_UNIT
 # include <openssl/err.h>
 # include "ec_lcl.h"
 
-# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
   /* even with gcc, the typedef won't work for 32-bit platforms */
 typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
                                  * platforms */
 typedef __int128_t int128_t;
 # else
-#  error "Need GCC 3.1 or later to define type uint128_t"
+#  error "Need GCC 4.0 or later to define type uint128_t"
 # endif
 
 typedef uint8_t u8;
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index dcb5415..3a0ec0c 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -40,12 +40,12 @@ NON_EMPTY_TRANSLATION_UNIT
 # include <openssl/err.h>
 # include "ec_lcl.h"
 
-# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
   /* even with gcc, the typedef won't work for 32-bit platforms */
 typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
                                  * platforms */
 # else
-#  error "Need GCC 3.1 or later to define type uint128_t"
+#  error "Need GCC 4.0 or later to define type uint128_t"
 # endif
 
 typedef uint8_t u8;
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index ab4fa83..7615e33 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
@@ -95,12 +95,11 @@ poly1305_blocks(void *ctx, const unsigned char *inp, size_t len, u32 padbit);
          (a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1) \
          )
 
-# if !defined(PEDANTIC) && \
-     (defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16) && \
+# if (defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16) && \
      (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__==8)
 
 typedef unsigned long u64;
-typedef unsigned __int128 u128;
+typedef __uint128_t u128;
 
 typedef struct {
     u64 h[3];

