1 /*
2 * datatypes.h
3 *
4 * data types for bit vectors and finite fields
5 *
6 * David A. McGrew
7 * Cisco Systems, Inc.
8 */
9
10 /*
11 *
12 * Copyright (c) 2001-2017, Cisco Systems, Inc.
13 * All rights reserved.
14 *
15 * Redistribution and use in source and binary forms, with or without
16 * modification, are permitted provided that the following conditions
17 * are met:
18 *
19 * Redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer.
21 *
22 * Redistributions in binary form must reproduce the above
23 * copyright notice, this list of conditions and the following
24 * disclaimer in the documentation and/or other materials provided
25 * with the distribution.
26 *
27 * Neither the name of the Cisco Systems, Inc. nor the names of its
28 * contributors may be used to endorse or promote products derived
29 * from this software without specific prior written permission.
30 *
31 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
32 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
33 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
34 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
35 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
36 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
37 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
38 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
40 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
41 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
42 * OF THE POSSIBILITY OF SUCH DAMAGE.
43 *
44 */
45
46 #ifndef DATATYPES_H
47 #define DATATYPES_H
48
49 #include "integers.h" /* definitions of uint32_t, et cetera */
50 #include "alloc.h"
51
52 #include <stdarg.h>
53
54 #include <stdio.h>
55 #include <string.h>
56 #include <time.h>
57 #ifdef HAVE_NETINET_IN_H
58 #include <netinet/in.h>
59 #elif defined HAVE_WINSOCK2_H
60 #include <winsock2.h>
61 #else
62 #error "Platform not recognized"
63 #endif
64
65 #ifdef __cplusplus
66 extern "C" {
67 #endif
68
69 /* if DATATYPES_USE_MACROS is defined, then little functions are macros */
70 #define DATATYPES_USE_MACROS
71
72 typedef union {
73 uint8_t v8[2];
74 uint16_t value;
75 } v16_t;
76
77 typedef union {
78 uint8_t v8[4];
79 uint16_t v16[2];
80 uint32_t value;
81 } v32_t;
82
83 typedef union {
84 uint8_t v8[8];
85 uint16_t v16[4];
86 uint32_t v32[2];
87 uint64_t value;
88 } v64_t;
89
90 typedef union {
91 uint8_t v8[16];
92 uint16_t v16[8];
93 uint32_t v32[4];
94 uint64_t v64[2];
95 } v128_t;
96
97 typedef union {
98 uint8_t v8[32];
99 uint16_t v16[16];
100 uint32_t v32[8];
101 uint64_t v64[4];
102 } v256_t;
103
104 /* some useful and simple math functions */
105
106 #define pow_2(X) ((unsigned int)1 << (X)) /* 2^X */
107
108 #define pow_minus_one(X) ((X) ? -1 : 1) /* (-1)^X */
109
110 /*
111 * octet_get_weight(x) returns the hamming weight (number of bits equal to
112 * one) in the octet x
113 */
114
115 int octet_get_weight(uint8_t octet);
116
117 #define MAX_PRINT_STRING_LEN 1024
118
119 char *srtp_octet_string_hex_string(const void *str, int length);
120
121 char *v128_bit_string(v128_t *x);
122
123 char *v128_hex_string(v128_t *x);
124
125 void v128_copy_octet_string(v128_t *x, const uint8_t s[16]);
126
127 void v128_left_shift(v128_t *x, int shift_index);
128
129 void v128_right_shift(v128_t *x, int shift_index);
130
131 /*
132 * the following macros define the data manipulation functions
133 *
134 * If DATATYPES_USE_MACROS is defined, then these macros are used
135 * directly (and function call overhead is avoided). Otherwise,
136 * the macros are used through the functions defined in datatypes.c
137 * (and the compiler provides better warnings).
138 */
139
140 #define _v128_set_to_zero(x) \
141 ((x)->v32[0] = 0, (x)->v32[1] = 0, (x)->v32[2] = 0, (x)->v32[3] = 0)
142
143 #define _v128_copy(x, y) \
144 ((x)->v32[0] = (y)->v32[0], (x)->v32[1] = (y)->v32[1], \
145 (x)->v32[2] = (y)->v32[2], (x)->v32[3] = (y)->v32[3])
146
147 #define _v128_xor(z, x, y) \
148 ((z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \
149 (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \
150 (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \
151 (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3])
152
153 #define _v128_and(z, x, y) \
154 ((z)->v32[0] = (x)->v32[0] & (y)->v32[0], \
155 (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \
156 (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \
157 (z)->v32[3] = (x)->v32[3] & (y)->v32[3])
158
159 #define _v128_or(z, x, y) \
160 ((z)->v32[0] = (x)->v32[0] | (y)->v32[0], \
161 (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \
162 (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \
163 (z)->v32[3] = (x)->v32[3] | (y)->v32[3])
164
165 #define _v128_complement(x) \
166 ((x)->v32[0] = ~(x)->v32[0], (x)->v32[1] = ~(x)->v32[1], \
167 (x)->v32[2] = ~(x)->v32[2], (x)->v32[3] = ~(x)->v32[3])
168
169 /* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */
170 #define _v128_is_eq(x, y) \
171 (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1]))
172
173 #ifdef NO_64BIT_MATH
174 #define _v128_xor_eq(z, x) \
175 ((z)->v32[0] ^= (x)->v32[0], (z)->v32[1] ^= (x)->v32[1], \
176 (z)->v32[2] ^= (x)->v32[2], (z)->v32[3] ^= (x)->v32[3])
177 #else
178 #define _v128_xor_eq(z, x) \
179 ((z)->v64[0] ^= (x)->v64[0], (z)->v64[1] ^= (x)->v64[1])
180 #endif
181
182 /* NOTE! This assumes an odd ordering! */
183 /* This will not be compatible directly with math on some processors */
184 /* bit 0 is first 32-bit word, low order bit. in little-endian, that's
185 the first byte of the first 32-bit word. In big-endian, that's
186 the 3rd byte of the first 32-bit word */
187 /* The get/set bit code is used by the replay code ONLY, and it doesn't
188 really care which bit is which. AES does care which bit is which, but
189 doesn't use the 128-bit get/set or 128-bit shifts */
190
191 #define _v128_get_bit(x, bit) (((((x)->v32[(bit) >> 5]) >> ((bit)&31)) & 1))
192
193 #define _v128_set_bit(x, bit) \
194 ((((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit)&31))))
195
196 #define _v128_clear_bit(x, bit) \
197 ((((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit)&31))))
198
199 #define _v128_set_bit_to(x, bit, value) \
200 ((value) ? _v128_set_bit(x, bit) : _v128_clear_bit(x, bit))
201
202 #ifdef DATATYPES_USE_MACROS /* little functions are really macros */
203
204 #define v128_set_to_zero(z) _v128_set_to_zero(z)
205 #define v128_copy(z, x) _v128_copy(z, x)
206 #define v128_xor(z, x, y) _v128_xor(z, x, y)
207 #define v128_and(z, x, y) _v128_and(z, x, y)
208 #define v128_or(z, x, y) _v128_or(z, x, y)
209 #define v128_complement(x) _v128_complement(x)
210 #define v128_is_eq(x, y) _v128_is_eq(x, y)
211 #define v128_xor_eq(x, y) _v128_xor_eq(x, y)
212 #define v128_get_bit(x, i) _v128_get_bit(x, i)
213 #define v128_set_bit(x, i) _v128_set_bit(x, i)
214 #define v128_clear_bit(x, i) _v128_clear_bit(x, i)
215 #define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
216
217 #else
218
219 void v128_set_to_zero(v128_t *x);
220
221 int v128_is_eq(const v128_t *x, const v128_t *y);
222
223 void v128_copy(v128_t *x, const v128_t *y);
224
225 void v128_xor(v128_t *z, v128_t *x, v128_t *y);
226
227 void v128_and(v128_t *z, v128_t *x, v128_t *y);
228
229 void v128_or(v128_t *z, v128_t *x, v128_t *y);
230
231 void v128_complement(v128_t *x);
232
233 int v128_get_bit(const v128_t *x, int i);
234
235 void v128_set_bit(v128_t *x, int i);
236
237 void v128_clear_bit(v128_t *x, int i);
238
239 void v128_set_bit_to(v128_t *x, int i, int y);
240
241 #endif /* DATATYPES_USE_MACROS */
242
243 /*
244 * srtp_octet_string_is_eq(a, b, len) returns 1 if the length len strings
245 * a and b are not equal. It returns 0 otherwise. The running time of the
246 * comparison depends only on len, making this safe to use for (e.g.)
247 * verifying authentication tags.
248 */
249
250 int srtp_octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
251
252 /*
253 * A portable way to zero out memory as recommended by
254 * https://cryptocoding.net/index.php/Coding_rules#Clean_memory_of_secret_data
255 * This is used to zero memory when OPENSSL_cleanse() is not available.
256 */
257 void srtp_cleanse(void *s, size_t len);
258
259 /*
260 * Functions as a wrapper that delegates to either srtp_cleanse() or
261 * OPENSSL_cleanse() if available to zero memory.
262 */
263 void octet_string_set_to_zero(void *s, size_t len);
264
265 #if defined(HAVE_CONFIG_H)
266
267 /*
268 * Convert big endian integers to CPU byte order.
269 */
270 #ifdef WORDS_BIGENDIAN
271 /* Nothing to do. */
272 #define be32_to_cpu(x) (x)
273 #define be64_to_cpu(x) (x)
274 #elif defined(HAVE_BYTESWAP_H)
275 /* We have (hopefully) optimized versions in byteswap.h */
276 #include <byteswap.h>
277 #define be32_to_cpu(x) bswap_32((x))
278 #define be64_to_cpu(x) bswap_64((x))
279 #else /* WORDS_BIGENDIAN */
280
281 #if defined(__GNUC__) && defined(HAVE_X86)
282 /* Fall back. */
be32_to_cpu(uint32_t v)283 static inline uint32_t be32_to_cpu(uint32_t v)
284 {
285 /* optimized for x86. */
286 asm("bswap %0" : "=r"(v) : "0"(v));
287 return v;
288 }
289 #else /* HAVE_X86 */
290 #ifdef HAVE_NETINET_IN_H
291 #include <netinet/in.h>
292 #elif defined HAVE_WINSOCK2_H
293 #include <winsock2.h>
294 #endif /* HAVE_NETINET_IN_H */
295 #define be32_to_cpu(x) ntohl((x))
296 #endif /* HAVE_X86 */
297
be64_to_cpu(uint64_t v)298 static inline uint64_t be64_to_cpu(uint64_t v)
299 {
300 #ifdef NO_64BIT_MATH
301 /* use the make64 functions to do 64-bit math */
302 v = make64(htonl(low32(v)), htonl(high32(v)));
303 #else /* NO_64BIT_MATH */
304 /* use the native 64-bit math */
305 v = (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) |
306 (((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
307 #endif /* NO_64BIT_MATH */
308 return v;
309 }
310
311 #endif /* WORDS_BIGENDIAN */
312
313 #endif /* HAVE_CONFIG_H */
314
315 /*
316 * functions manipulating bitvector_t
317 *
318 * A bitvector_t consists of an array of words and an integer
319 * representing the number of significant bits stored in the array.
320 * The bits are packed as follows: the least significant bit is that
321 * of word[0], while the most significant bit is the nth most
322 * significant bit of word[m], where length = bits_per_word * m + n.
323 *
324 */
325
326 #define bits_per_word 32
327 #define bytes_per_word 4
328
329 typedef struct {
330 uint32_t length;
331 uint32_t *word;
332 } bitvector_t;
333
334 #define _bitvector_get_bit(v, bit_index) \
335 (((((v)->word[((bit_index) >> 5)]) >> ((bit_index)&31)) & 1))
336
337 #define _bitvector_set_bit(v, bit_index) \
338 ((((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index)&31)))))
339
340 #define _bitvector_clear_bit(v, bit_index) \
341 ((((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index)&31)))))
342
343 #define _bitvector_get_length(v) (((v)->length))
344
345 #ifdef DATATYPES_USE_MACROS /* little functions are really macros */
346
347 #define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index)
348 #define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index)
349 #define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index)
350 #define bitvector_get_length(v) _bitvector_get_length(v)
351
352 #else
353
354 int bitvector_get_bit(const bitvector_t *v, int bit_index);
355
356 void bitvector_set_bit(bitvector_t *v, int bit_index);
357
358 void bitvector_clear_bit(bitvector_t *v, int bit_index);
359
360 unsigned long bitvector_get_length(const bitvector_t *v);
361
362 #endif
363
364 int bitvector_alloc(bitvector_t *v, unsigned long length);
365
366 void bitvector_dealloc(bitvector_t *v);
367
368 void bitvector_set_to_zero(bitvector_t *x);
369
370 void bitvector_left_shift(bitvector_t *x, int index);
371
372 char *bitvector_bit_string(bitvector_t *x, char *buf, int len);
373
374 #ifdef __cplusplus
375 }
376 #endif
377
378 #endif /* DATATYPES_H */
379