X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Finner.h;h=20211d7c351496afaf36eac70b0c36c15867767e;hp=52bcaf087b302c6f5b209e231225b824b7161966;hb=e37c90ac68c4a42417e0302343de87c9e340803e;hpb=af9c79a0710a45361f9ae4313f8bb5bf738c3b7a
diff --git a/src/inner.h b/src/inner.h
index 52bcaf0..20211d7 100644
--- a/src/inner.h
+++ b/src/inner.h
@@ -85,7 +85,7 @@
  *
  * The test on 'unsigned long' should already catch most cases, the one
  * notable exception being Windows code where 'unsigned long' is kept to
- * 32-bit for compatbility with all the legacy code that liberally uses
+ * 32-bit for compatibility with all the legacy code that liberally uses
  * the 'DWORD' type for 32-bit values.
  *
  * Macro names are taken from: http://nadeausoftware.com/articles/2012/02/c_c_tip_how_detect_processor_type_using_compiler_predefined_macros
@@ -1887,6 +1887,31 @@ uint32_t br_rsa_pkcs1_sig_unpad(const unsigned char *sig, size_t sig_len,
 	const unsigned char *hash_oid, size_t hash_len,
 	unsigned char *hash_out);
 
+/*
+ * Apply OAEP padding. Returned value is the actual padded string length,
+ * or zero on error.
+ */
+size_t br_rsa_oaep_pad(const br_prng_class **rnd, const br_hash_class *dig,
+	const void *label, size_t label_len, const br_rsa_public_key *pk,
+	void *dst, size_t dst_nax_len, const void *src, size_t src_len);
+
+/*
+ * Unravel and check OAEP padding. If the padding is correct, then 1 is
+ * returned, '*len' is adjusted to the length of the message, and the
+ * data is moved to the start of the 'data' buffer. If the padding is
+ * incorrect, then 0 is returned and '*len' is untouched. Either way,
+ * the complete buffer contents are altered.
+ */
+uint32_t br_rsa_oaep_unpad(const br_hash_class *dig,
+	const void *label, size_t label_len, void *data, size_t *len);
+
+/*
+ * Compute MGF1 for a given seed, and XOR the output into the provided
+ * buffer.
+ */
+void br_mgf1_xor(void *data, size_t len,
+	const br_hash_class *dig, const void *seed, size_t seed_len);
+
 /* ==================================================================== */
 /*
  * Elliptic curves.
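Review bot: The third parameter line of `br_rsa_oaep_pad` names the output capacity `dst_nax_len`, which reads as a typo for `dst_max_len`; suggest `void *dst, size_t dst_max_len, const void *src, size_t src_len);` so the name lines up with the other `*_len` parameters. The comment on `br_rsa_oaep_unpad` states that 0/1 is returned and that the buffer is always altered, but not whether the check runs in constant time; an OAEP unpad that leaks padding validity through timing is the classic Manger oracle, so a line such as `This function is constant-time with regard to padding validity; callers must not branch on the result in a way that leaks it either.` (or the opposite caveat if that is not the case) would tell callers what they may rely on. The uint32_t return instead of int suggests BearSSL's constant-time boolean convention, but the header alone cannot confirm the implementation behaves that way. It would also help to say which conditions make `br_rsa_oaep_pad` return zero (message too long for the modulus, or `dst` too small), since "on error" is currently the only hint.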
@@ -2122,6 +2147,34 @@ void br_ssl_engine_switch_chapol_in(br_ssl_engine_context *cc,
 void br_ssl_engine_switch_chapol_out(br_ssl_engine_context *cc,
 	int is_client, int prf_id);
 
+/*
+ * Switch to CCM decryption for incoming records.
+ *   cc               the engine context
+ *   is_client        non-zero for a client, zero for a server
+ *   prf_id           id of hash function for PRF
+ *   bc_impl          block cipher implementation (CTR+CBC)
+ *   cipher_key_len   block cipher key length (in bytes)
+ *   tag_len          tag length (in bytes)
+ */
+void br_ssl_engine_switch_ccm_in(br_ssl_engine_context *cc,
+	int is_client, int prf_id,
+	const br_block_ctrcbc_class *bc_impl,
+	size_t cipher_key_len, size_t tag_len);
+
+/*
+ * Switch to GCM encryption for outgoing records.
+ *   cc               the engine context
+ *   is_client        non-zero for a client, zero for a server
+ *   prf_id           id of hash function for PRF
+ *   bc_impl          block cipher implementation (CTR+CBC)
+ *   cipher_key_len   block cipher key length (in bytes)
+ *   tag_len          tag length (in bytes)
+ */
+void br_ssl_engine_switch_ccm_out(br_ssl_engine_context *cc,
+	int is_client, int prf_id,
+	const br_block_ctrcbc_class *bc_impl,
+	size_t cipher_key_len, size_t tag_len);
+
 /*
  * Calls to T0-generated code.
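Review bot: The comment above `br_ssl_engine_switch_ccm_out` says "Switch to GCM encryption for outgoing records", which contradicts the function name and the `_in` variant's description; it should read ` * Switch to CCM encryption for outgoing records.`. Neither comment states which `tag_len` values the implementation accepts; TLS CCM suites use 16-byte tags and the CCM_8 suites 8-byte tags, so if only those are supported a line such as ` *   tag_len          tag length (in bytes), 8 or 16` would save callers a trip into the implementation. The implementation is not part of this hunk, so whether other lengths are rejected cannot be confirmed here.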
@@ -2243,18 +2296,25 @@ int br_ssl_choose_hash(unsigned bf);
  */
 #if BR_i386 || BR_amd64
+/*
+ * On GCC before version 5.0, we need to use the pragma to enable the
+ * target options globally, because the 'target' function attribute
+ * appears to be unreliable. Before 4.6 we must also avoid the
+ * push_options / pop_options mechanism, because it tends to trigger
+ * some internal compiler errors.
+ */
 #if BR_GCC && !BR_GCC_5_0
 #if BR_GCC_4_6
 #define BR_TARGETS_X86_UP \
 	_Pragma("GCC push_options") \
 	_Pragma("GCC target(\"sse2,ssse3,sse4.1,aes,pclmul,rdrnd\")")
+#define BR_TARGETS_X86_DOWN \
+	_Pragma("GCC pop_options")
 #else
 #define BR_TARGETS_X86_UP \
-	_Pragma("GCC push_options") \
 	_Pragma("GCC target(\"sse2,ssse3,sse4.1,aes,pclmul\")")
 #endif
-#define BR_TARGETS_X86_DOWN \
-	_Pragma("GCC pop_options")
+#define BR_TARGETS_X86_DOWN
 #pragma GCC diagnostic ignored "-Wpsabi"
 #endif
@@ -2286,7 +2346,7 @@ int br_ssl_choose_hash(unsigned bf);
 BR_TARGETS_X86_UP
 #include
 #include
-#define bswap32 __builtin_bswap32
+#define br_bswap32 __builtin_bswap32
 BR_TARGETS_X86_DOWN
 #endif
@@ -2294,7 +2354,7 @@ BR_TARGETS_X86_DOWN
 #include
 #include
 #include
-#define bswap32 _byteswap_ulong
+#define br_bswap32 _byteswap_ulong
 #endif
 
 static inline int
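Review bot: For GCC older than 4.6 the new `BR_TARGETS_X86_DOWN` expands to nothing, so the `_Pragma("GCC target(...)")` issued by `BR_TARGETS_X86_UP` is never undone and stays in force for every function that follows in the translation unit, not only the ones that use the intrinsics. The added comment says the options are enabled "globally" but does not spell out the consequence: on such compilers the optimizer may emit SSE4.1/AES/PCLMUL instructions in any later function, including a CPUID-dispatch routine meant to run before the feature check, which would fault on a CPU lacking those extensions. Suggest extending the comment with `Consequence: on GCC < 4.6 every function defined after BR_TARGETS_X86_UP in the translation unit may be compiled with these extensions enabled, so keep runtime CPU-feature dispatch code in a separate unit or define it before the macro is used.` Whether any BearSSL translation unit actually places dispatch code after the macro cannot be confirmed from this header. The enclosing `#if BR_i386 || BR_amd64` region continues past the end of the hunk.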