pike.git / src / post_modules / Nettle / nettle.cmod

version» Context lines:

pike.git/src/post_modules/Nettle/nettle.cmod:1:   /* nettle.cmod -*- c -*- */    - #include "global.h" + #include "module.h"   #include "interpret.h" - #include "svalue.h" - /* For this_object() */ - #include "object.h" +    #include "operators.h"   #include "module_support.h"   #include "threads.h" - #include "pike_memory.h" +    #include "pike_cpulib.h"   #include "bignum.h"   #include "sprintf.h"      #include "nettle_config.h"      #ifdef HAVE_LIBNETTLE      #include "nettle.h"   
pike.git/src/post_modules/Nettle/nettle.cmod:67:    *! internal state of 256 bits.    */   PIKECLASS Yarrow   program_flags PROGRAM_CLEAR_STORAGE;   {    CVAR struct yarrow256_ctx ctx;    CVAR struct yarrow_source *sources;       DECLARE_STORAGE;    -  /*! @decl void create(void|int sources) +  /*! @decl void create(void|int(0..) sources)    *! The number of entropy sources that will feed entropy to the    *! random number generator is given as an argument to Yarrow    *! during instantiation.    *! @seealso    *! @[update]    */ -  PIKEFUN void create(void|int arg) +  PIKEFUN void create(void|int(0..) arg)    flags ID_PROTECTED;    {    INT32 num = 0;       if(arg) { -  if (TYPEOF(*arg) != PIKE_T_INT) -  Pike_error("Bad argument type.\n"); +     num = arg->u.integer;    if(num < 0)    Pike_error("Invalid number of sources.\n");    free (THIS->sources); -  +  if( num > 0 )    THIS->sources = xalloc(sizeof(struct yarrow_source)*num); -  +  else +  THIS->sources = NULL; +  pop_stack();    }    else    {    free (THIS->sources);    THIS->sources = NULL;    }    yarrow256_init(&THIS->ctx, num, THIS->sources);    }       /*! @decl Yarrow seed(string(0..255) data)
pike.git/src/post_modules/Nettle/nettle.cmod:201:    /*! @decl int(0..) needed_sources()    *! The number of sources that must reach the threshold before a    *! slow reseed will happen.    */    PIKEFUN int(0..) needed_sources()    optflags OPT_EXTERNAL_DEPEND;    {    RETURN yarrow256_needed_sources(&THIS->ctx);    }    -  /*! @decl string(0..255) random_string(int length) +  /*! @decl string(0..255) random_string(int(0..) length)    *! Returns a pseudo-random string of the requested @[length].    */ -  PIKEFUN string(0..255) random_string(int length) +  PIKEFUN string(0..255) random_string(int(0..) length)    optflags OPT_EXTERNAL_DEPEND|OPT_SIDE_EFFECT;    {    struct pike_string *rnd;    if(length < 0)    Pike_error("Invalid length, must be positive.\n");    if( !yarrow256_is_seeded(&THIS->ctx) )    Pike_error("Random generator not seeded.\n");    rnd = begin_shared_string(length);    yarrow256_random(&THIS->ctx, length, (uint8_t *)rnd->str);    RETURN end_shared_string(rnd);
pike.git/src/post_modules/Nettle/nettle.cmod:320:    INCREMENT(16, THIS->ctr);    }       /*! @decl string(8bit) random_string(int(0..) len)    *!    *! Generates @[len] amount of pseudo random data. In contrast with    *! the Fortuna PseudoRandomData function, which only allows 2^20    *! bytes of random data per call, the necessary rekey operations    *! are here performed internally, so no such restrictions apply.    */ -  PIKEFUN string(8bit) random_string(int len) +  PIKEFUN string(8bit) random_string(int(0..) len)    {    int stored = 0;    struct pike_string *s;    uint8_t *str;       if(len<0) Pike_error("Length has to be positive.\n");       s = begin_shared_string(len);    str = (uint8_t *)s->str;   
pike.git/src/post_modules/Nettle/nettle.cmod:485:    flags ID_PROTECTED;    {    Pike_error("Requires reseed.\n");    }       /*! @decl string(8bit) random_string(int(0..) len)    *!    *! Generates @[len] amount of pseudo random data. Does not allow    *! for additional input data in the call.    */ -  PIKEFUN string(8bit) random_string(int len) +  PIKEFUN string(8bit) random_string(int(0..) len)    {    int stored = 0;    struct pike_string *s;    uint8_t *str;       if(len<0) Pike_error("Length has to be positive.\n");    if(THIS->reseed_counter>THIS->reseed_interval)    apply_current(f_Nettle_AES128_CTR_DRBG_entropy_underflow_fun_num, 0);       s = begin_shared_string(len);
pike.git/src/post_modules/Nettle/nettle.cmod:561:    *! RSAES-PKCS1-V1_5-ENCODE(message) in PKCS#1 v2.2, but without the    *! null byte prefix. The padding method used on the original message    *! must be provided in the @[type] parameter. All content dependent    *! processing is done in constant time for the same padding type and    *! @[data] length.    *!    *! @returns    *! Returns the position in the string where the first non-padding    *! character is, or 0.    */ - PIKEFUN int(0..) rsa_unpad(string(0..255) data, int type) + PIKEFUN int(0..) rsa_unpad(string(0..255) data, int(1..2) type)   {    int i, pad=0, nonpad=0, pos=0;    unsigned char *str;       NO_WIDE_STRING(data);       /* Indata is smaller than minimum size, so we can exit immediately    without timing issue. 1 type + 8 padding + 1 delimiter + 1 value    = 11 bytes. */    if(data->len < 11 ) RETURN 0;
pike.git/src/post_modules/Nettle/nettle.cmod:604:         /*! @decl string(0..127) crypt_md5(string(0..255) password, @    *! string(0..255) salt,@    *! void|string(0..255) magic)    *! Does the crypt_md5 abrakadabra (MD5 + snakeoil). It is assumed    *! that @[salt] does not contain "$".    *!    *! The @[password] memory will be cleared before released.    */ - PIKEFUN string(0..127) crypt_md5(string(0..255) pw, string(0..255) salt, -  void|string(0..255) magic) + PIKEFUN string(0..127) crypt_md5(string pw, string salt, +  void|string magic)    optflags OPT_TRY_OPTIMIZE; -  +  /* NB: We use a weaker type above to allow us to delay +  * throwing errors on wide strings until we've had +  * time to censor the password string. +  */ +  rawtype tFunc(tStr8 tStr8 tOr(tStr8, tVoid), tStr7);   {    char *hash; -  +  +  /* Censor the password. */ +  push_string(pw); +  args++; +  add_ref(Pike_sp[-args].u.string = MK_STRING("censored")); +     NO_WIDE_STRING(pw);    NO_WIDE_STRING(salt);       pw->flags |= STRING_CLEAR_ON_EXIT;       if(!magic)    {    hash = pike_crypt_md5(pw->len, pw->str, salt->len, salt->str,    3, "$1$");    }
pike.git/src/post_modules/Nettle/nettle.cmod:734:    *! Implements the Castagnoli CRC, CRC32C. Hardware optimized on Intel    *! CPUs with SSE 4.2.    *!    *! @param seed    *! Can be fed with the result of the previous invocation to chain on new data.    *! Defaults to zero on virgin runs.    */   PIKEFUN int(0..) crc32c(string(8bit) data, void|int(0..) seed)   {    unsigned int h = 0; -  if(seed) { -  if (TYPEOF(*seed) != PIKE_T_INT) -  Pike_error("Bad argument type.\n"); +  if(seed)    h = seed->u.integer; -  } +    #ifdef HAVE_CRC32_INTRINSICS    if(supports_sse42)    {    push_int64(intel_crc32c((const unsigned int *)data->str, data->len, h));    }    else   #endif /* HAVE_CRC32_INTRISINCS */    {    unsigned int i=0, len = data->len;    for(h = ~h; i<len; i++)