diff --git a/.pipelines/OneBranch.Official.yml b/.pipelines/OneBranch.Official.yml index 07fbea4..a31364b 100644 --- a/.pipelines/OneBranch.Official.yml +++ b/.pipelines/OneBranch.Official.yml @@ -29,7 +29,7 @@ schedules: variables: CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)] # needed for onebranch.pipeline.version task https://aka.ms/obpipelines/versioning LinuxContainerImage: 'onebranch.azurecr.io/linux/ubuntu-2004:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers - WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2019/vse2022@sha256:a3083215a4675bad774ec88005dcf57436b3423584d0db3e82b6de3f780213ba' + WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' resources: repositories: diff --git a/.pipelines/OneBranch.WindowsUndocked.Official.yml b/.pipelines/OneBranch.WindowsUndocked.Official.yml index 87de110..086e598 100644 --- a/.pipelines/OneBranch.WindowsUndocked.Official.yml +++ b/.pipelines/OneBranch.WindowsUndocked.Official.yml @@ -58,7 +58,7 @@ parameters: variables: # https://aka.ms/obpipelines/containers - WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022@sha256:394ae836d8bbb5f5f7659744b85796ac823ab1410527ac26d143837bdecbde2a' + WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' resources: repositories: diff --git a/.pipelines/OneBranch.WindowsUndocked.PullRequest.yml b/.pipelines/OneBranch.WindowsUndocked.PullRequest.yml index c46510c..822e3a0 100644 --- a/.pipelines/OneBranch.WindowsUndocked.PullRequest.yml +++ b/.pipelines/OneBranch.WindowsUndocked.PullRequest.yml @@ -19,7 +19,7 @@ pr: variables: # https://aka.ms/obpipelines/containers - WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022@sha256:394ae836d8bbb5f5f7659744b85796ac823ab1410527ac26d143837bdecbde2a' + WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' resources: repositories: diff --git a/.pipelines/templates/build-windows-undocked.yml b/.pipelines/templates/build-windows-undocked.yml index 8f84c6f..d91a6d2 100644 --- a/.pipelines/templates/build-windows-undocked.yml +++ b/.pipelines/templates/build-windows-undocked.yml @@ -8,7 +8,7 @@ parameters: config: 'Debug,Release' platform: 'x86,x64,arm64' nativeCompiler: true - buildType: 'private' + buildType: 'pr' sign: false # Only signs UM binaries, for external (to Windows repo) release # Packaging args package: false @@ -94,10 +94,15 @@ jobs: ob_outputDirectory: $(Build.SourcesDirectory)\build\bin\$(ob_build_platform_win)$(ob_build_config_win) ob_artifactSuffix: _$(ob_build_platform_win)$(ob_build_config_win) # https://aka.ms/obpipelines/sdl - ob_sdl_tsa_enabled: true # When TSA is disabled all SDL tools will forced into 'break' build mode. + # When TSA is enabled bugs are filed on SDL errors. When TSA is disabled, most SDL tools break the build. + # Make official builds file bugs but PR builds just break the build. + ${{ if eq(parameters.buildType, 'official') }}: + ob_sdl_tsa_enabled: true + ${{ if eq(parameters.buildType, 'pr') }}: + ob_sdl_tsa_enabled: false ob_sdl_binskim_break: true ob_sdl_policheck_break: true - ob_sdl_prefast_break: false + ob_sdl_prefast_break: true ${{ if eq(parameters.sign, true) }}: ob_sdl_codeSignValidation_excludes: -|**\*.sys # Signing is not supported for KM drivers ${{ if eq(parameters.sign, false) }}: @@ -137,7 +142,7 @@ jobs: userProvideBuildInfo: auto rulesetName: Custom customRuleset: '$(Build.SourcesDirectory)\tvs.ruleset' - excludedPaths: 'c:/program files (x86)/windows kits/' + excludedPaths: 'c:/program files (x86)/windows kits/#c:/__w/1/s/unittest/symcryptdependencies/inc/' env: SYSTEM_ACCESSTOKEN: $(System.AccessToken) diff --git a/inc/symcrypt.h b/inc/symcrypt.h index 331994c..3c84e74 100644 --- a/inc/symcrypt.h +++ b/inc/symcrypt.h @@ -8511,7 +8511,7 @@ SymCryptXmsskeyGenerate( SYMCRYPT_ERROR SYMCRYPT_CALL SymCryptXmsskeySetValue( - _In_reads_bytes_( cbSrc ) PCBYTE pbInput, + _In_reads_bytes_( cbInput ) PCBYTE pbInput, SIZE_T cbInput, SYMCRYPT_XMSSKEY_TYPE keyType, UINT32 flags, @@ -8583,11 +8583,11 @@ SymCryptXmsskeySetValue( SYMCRYPT_ERROR SYMCRYPT_CALL SymCryptXmsskeyGetValue( - _In_ PCSYMCRYPT_XMSS_KEY pKey, - SYMCRYPT_XMSSKEY_TYPE keyType, - UINT32 flags, - _Out_writes_bytes_( cbKey ) PBYTE pbOutput, - SIZE_T cbOutput ); + _In_ PCSYMCRYPT_XMSS_KEY pKey, + SYMCRYPT_XMSSKEY_TYPE keyType, + UINT32 flags, + _Out_writes_bytes_( cbOutput ) PBYTE pbOutput, + SIZE_T cbOutput ); // // Get public/private key value from an XMSS/XMSS^MT key object // diff --git a/inc/symcrypt_internal.h b/inc/symcrypt_internal.h index b193045..fa00fc8 100644 --- a/inc/symcrypt_internal.h +++ b/inc/symcrypt_internal.h @@ -2100,6 +2100,14 @@ typedef const SYMCRYPT_ECPOINT * PCSYMCRYPT_ECPOINT; #define SYMCRYPT_BYTES_FROM_BITS(bits) ( ( (bits) + 7 ) / 8 ) +// The maximum number of bits in any integer value that the library supports. If the +// caller's input exceed this bound then the the integer object will not be created. +// The caller either must ensure the bound is not exceeded, or check for NULL before +// using created SymCrypt objects. +// The primary purpose of this limit is to avoid integer overlows in size computations. +// Having a reasonable upper bound avoids all size overflows, even on 32-bit CPUs +#define SYMCRYPT_INT_MAX_BITS ((UINT32)(1 << 20)) + // // Upper bound for the number of digits: this MUST be enforced on runtime // on all Allocate, SizeOf, and Create calls which take as input a digit number. diff --git a/inc/symcrypt_low_level.h b/inc/symcrypt_low_level.h index 2c09d2b..0b97e0f 100644 --- a/inc/symcrypt_low_level.h +++ b/inc/symcrypt_low_level.h @@ -273,14 +273,6 @@ a ModElement object. // General functions for integers // -// The maximum number of bits in any integer value that the library supports. If the -// caller's input exceed this bound then the the integer object will not be created. -// The caller either must ensure the bound is not exceeded, or check for NULL before -// using created SymCrypt objects. -// The primary purpose of this limit is to avoid integer overlows in size computations. -// Having a reasonable upper bound avoids all size overflows, even on 32-bit CPUs -#define SYMCRYPT_INT_MAX_BITS ((UINT32)(1 << 20)) - UINT32 SymCryptDigitsFromBits( UINT32 nBits ); // diff --git a/lib/aes-asm.c b/lib/aes-asm.c index 6980e56..75ea875 100644 --- a/lib/aes-asm.c +++ b/lib/aes-asm.c @@ -15,19 +15,12 @@ SymCryptAesEcbEncryptAsm( _Out_writes_( cbData ) PBYTE pbDst, SIZE_T cbData ) { - SIZE_T cbToDo = cbData & ~(SYMCRYPT_AES_BLOCK_SIZE - 1); - SIZE_T i; - - // - // This loop condition is slightly strange. - // If I use i < cbToDo (which is correct) then Prefast complains about buffer overflows. - // Even using SYMCRYPT_ASSERT which does an _Analysis_assume_ I can't fix the Prefast issue. - // The +15 in the code is slightly slower but it solves the Prefast issue. - // - - for( i=0; (i+SYMCRYPT_AES_BLOCK_SIZE-1) < cbToDo; i+= SYMCRYPT_AES_BLOCK_SIZE ) + while( cbData >= SYMCRYPT_AES_BLOCK_SIZE ) { - SymCryptAesEncryptAsm( pExpandedKey, pbSrc + i, pbDst + i ); + SymCryptAesEncryptAsm( pExpandedKey, pbSrc, pbDst ); + pbSrc += SYMCRYPT_AES_BLOCK_SIZE; + pbDst += SYMCRYPT_AES_BLOCK_SIZE; + cbData -= SYMCRYPT_AES_BLOCK_SIZE; } } @@ -39,18 +32,11 @@ SymCryptAesEcbDecryptAsm( _Out_writes_( cbData ) PBYTE pbDst, SIZE_T cbData ) { - SIZE_T cbToDo = cbData & ~(SYMCRYPT_AES_BLOCK_SIZE - 1); - SIZE_T i; - - // - // This loop condition is slightly strange. - // If I use i < cbToDo (which is correct) then Prefast complains about buffer overflows. - // Even using SYMCRYPT_ASSERT which does an _Analysis_assume_ I can't fix the Prefast issue. - // The +15 in the code is slightly slower but it solves the Prefast issue. - // - - for( i=0; (i+SYMCRYPT_AES_BLOCK_SIZE-1) < cbToDo; i+= SYMCRYPT_AES_BLOCK_SIZE ) + while( cbData >= SYMCRYPT_AES_BLOCK_SIZE ) { - SymCryptAesDecryptAsm( pExpandedKey, pbSrc + i, pbDst + i ); + SymCryptAesDecryptAsm( pExpandedKey, pbSrc, pbDst ); + pbSrc += SYMCRYPT_AES_BLOCK_SIZE; + pbDst += SYMCRYPT_AES_BLOCK_SIZE; + cbData -= SYMCRYPT_AES_BLOCK_SIZE; } } diff --git a/lib/aes-c.c b/lib/aes-c.c index c273a7e..1faafe9 100644 --- a/lib/aes-c.c +++ b/lib/aes-c.c @@ -364,19 +364,12 @@ SymCryptAesEcbEncryptC( _Out_writes_( cbData ) PBYTE pbDst, SIZE_T cbData ) { - SIZE_T cbToDo = cbData & ~(SYMCRYPT_AES_BLOCK_SIZE - 1); - SIZE_T i; - - // - // This loop condition is slightly strange. - // If I use i < cbToDo (which is correct) then Prefast complains about buffer overflows. - // Even using SYMCRYPT_ASSERT which does an _Analysis_assume_ I can't fix the Prefast issue. - // The +15 in the code is slightly slower but it solves the Prefast issue. - // - - for( i=0; (i+SYMCRYPT_AES_BLOCK_SIZE-1) < cbToDo; i+= SYMCRYPT_AES_BLOCK_SIZE ) + while( cbData >= SYMCRYPT_AES_BLOCK_SIZE ) { - SymCryptAesEncryptC( pExpandedKey, pbSrc + i, pbDst + i ); + SymCryptAesEncryptC( pExpandedKey, pbSrc, pbDst ); + pbSrc += SYMCRYPT_AES_BLOCK_SIZE; + pbDst += SYMCRYPT_AES_BLOCK_SIZE; + cbData -= SYMCRYPT_AES_BLOCK_SIZE; } } @@ -388,19 +381,12 @@ SymCryptAesEcbDecryptC( _Out_writes_( cbData ) PBYTE pbDst, SIZE_T cbData ) { - SIZE_T cbToDo = cbData & ~(SYMCRYPT_AES_BLOCK_SIZE - 1); - SIZE_T i; - - // - // This loop condition is slightly strange. - // If I use i < cbToDo (which is correct) then Prefast complains about buffer overflows. - // Even using SYMCRYPT_ASSERT which does an _Analysis_assume_ I can't fix the Prefast issue. - // The +15 in the code is slightly slower but it solves the Prefast issue. - // - - for( i=0; (i+SYMCRYPT_AES_BLOCK_SIZE-1) < cbToDo; i+= SYMCRYPT_AES_BLOCK_SIZE ) + while( cbData >= SYMCRYPT_AES_BLOCK_SIZE ) { - SymCryptAesDecryptC( pExpandedKey, pbSrc + i, pbDst + i ); + SymCryptAesDecryptC( pExpandedKey, pbSrc, pbDst ); + pbSrc += SYMCRYPT_AES_BLOCK_SIZE; + pbDst += SYMCRYPT_AES_BLOCK_SIZE; + cbData -= SYMCRYPT_AES_BLOCK_SIZE; } } diff --git a/lib/aes-default.c b/lib/aes-default.c index 6f65d3d..3df86f2 100644 --- a/lib/aes-default.c +++ b/lib/aes-default.c @@ -303,19 +303,12 @@ SymCryptAesEcbDecrypt( _Out_writes_( cbData ) PBYTE pbDst, SIZE_T cbData ) { - SIZE_T cbToDo = cbData & ~(SYMCRYPT_AES_BLOCK_SIZE - 1); - SIZE_T i; - - // - // This loop condition is slightly strange. - // If I use i < cbToDo (which is correct) then Prefast complains about buffer overflows. - // Even using SYMCRYPT_ASSERT which does an _Analysis_assume_ I can't fix the Prefast issue. - // The +15 in the code is slightly slower but it solves the Prefast issue. - // - - for( i=0; (i+SYMCRYPT_AES_BLOCK_SIZE-1) < cbToDo; i+= SYMCRYPT_AES_BLOCK_SIZE ) + while( cbData >= SYMCRYPT_AES_BLOCK_SIZE ) { - SymCryptAesDecrypt( pExpandedKey, pbSrc + i, pbDst + i ); + SymCryptAesDecrypt( pExpandedKey, pbSrc, pbDst ); + pbSrc += SYMCRYPT_AES_BLOCK_SIZE; + pbDst += SYMCRYPT_AES_BLOCK_SIZE; + cbData -= SYMCRYPT_AES_BLOCK_SIZE; } } diff --git a/lib/env_windowsBootLib.c b/lib/env_windowsBootLib.c index ffb951f..135556a 100644 --- a/lib/env_windowsBootLib.c +++ b/lib/env_windowsBootLib.c @@ -5,7 +5,10 @@ // Copyright (c) Microsoft Corporation. Licensed under the MIT license. // +#pragma warning(push) +#pragma warning(disable: 5103) // Arm64's wdm.h included below currently generate a lot of 5103 warnings #include +#pragma warning(pop) #include #include "symcrypt.h" diff --git a/lib/env_windowsKernelModeWin7.c b/lib/env_windowsKernelModeWin7.c index 96aa6ea..765eced 100644 --- a/lib/env_windowsKernelModeWin7.c +++ b/lib/env_windowsKernelModeWin7.c @@ -18,8 +18,10 @@ // #define _NTSYSTEM_ +#pragma warning(push) +#pragma warning(disable: 5103) // Arm64's wdm.h included below currently generate a lot of 5103 warnings #include - +#pragma warning(pop) #include "symcrypt.h" #include "sc_lib.h" diff --git a/lib/env_windowsKernelModeWin8_1.c b/lib/env_windowsKernelModeWin8_1.c index f3129dc..8a474d9 100644 --- a/lib/env_windowsKernelModeWin8_1.c +++ b/lib/env_windowsKernelModeWin8_1.c @@ -17,7 +17,10 @@ // #define _NTSYSTEM_ +#pragma warning(push) +#pragma warning(disable: 5103) // Arm64's wdm.h included below currently generate a lot of 5103 warnings #include +#pragma warning(pop) #include "symcrypt.h" #include "sc_lib.h" @@ -41,6 +44,7 @@ VOID SYMCRYPT_CALL SymCryptInitEnvWindowsKernelmodeWin8_1nLater( UINT32 version ) { + #pragma warning(suppress: 4845) // Following declspec only applies when compiled with default initialization, in some test builds we don't care whether default initialization is specified __declspec(no_init_all) RTL_OSVERSIONINFOW verInfo; diff --git a/lib/env_windowsUserModeWin7.c b/lib/env_windowsUserModeWin7.c index 93fb17f..2bc42a0 100644 --- a/lib/env_windowsUserModeWin7.c +++ b/lib/env_windowsUserModeWin7.c @@ -7,7 +7,10 @@ // #include "precomp.h" +#pragma warning(push) +#pragma warning(disable: 5103) // Arm64's wdm.h included below currently generate a lot of 5103 warnings #include +#pragma warning(pop) #include "symcrypt.h" #include "sc_lib.h" diff --git a/lib/env_windowsUserModeWin8_1.c b/lib/env_windowsUserModeWin8_1.c index eb6c09e..e9bf24f 100644 --- a/lib/env_windowsUserModeWin8_1.c +++ b/lib/env_windowsUserModeWin8_1.c @@ -6,7 +6,11 @@ // //#include "precomp.h" + +#pragma warning(push) +#pragma warning(disable: 5103) // Arm64's wdm.h included below currently generate a lot of 5103 warnings #include +#pragma warning(pop) #include "symcrypt.h" #include "sc_lib.h" diff --git a/lib/sha256-xmm.c b/lib/sha256-xmm.c index 7ee5052..fb828fe 100644 --- a/lib/sha256-xmm.c +++ b/lib/sha256-xmm.c @@ -224,24 +224,25 @@ SymCryptSha256AppendBlocks_xmm_4blocks( ah[1] = pChain->H[6]; ah[0] = pChain->H[7]; - for (int round = 0; round < 64; round += 8) + for (int iterCount = 0; iterCount < (64/8); iterCount++) { - CROUND_4BLOCKS( 0, round, bl); - CROUND_4BLOCKS( 1, round, bl); - CROUND_4BLOCKS( 2, round, bl); - CROUND_4BLOCKS( 3, round, bl); - CROUND_4BLOCKS( 4, round, bl); - CROUND_4BLOCKS( 5, round, bl); - CROUND_4BLOCKS( 6, round, bl); - CROUND_4BLOCKS( 7, round, bl); - //CROUND_4BLOCKS( 8, round, bl); - //CROUND_4BLOCKS( 9, round, bl); - //CROUND_4BLOCKS(10, round, bl); - //CROUND_4BLOCKS(11, round, bl); - //CROUND_4BLOCKS(12, round, bl); - //CROUND_4BLOCKS(13, round, bl); - //CROUND_4BLOCKS(14, round, bl); - //CROUND_4BLOCKS(15, round, bl); + const int roundBase = iterCount*8; + CROUND_4BLOCKS( 0, roundBase, bl); + CROUND_4BLOCKS( 1, roundBase, bl); + CROUND_4BLOCKS( 2, roundBase, bl); + CROUND_4BLOCKS( 3, roundBase, bl); + CROUND_4BLOCKS( 4, roundBase, bl); + CROUND_4BLOCKS( 5, roundBase, bl); + CROUND_4BLOCKS( 6, roundBase, bl); + CROUND_4BLOCKS( 7, roundBase, bl); + //CROUND_4BLOCKS( 8, roundBase, bl); + //CROUND_4BLOCKS( 9, roundBase, bl); + //CROUND_4BLOCKS(10, roundBase, bl); + //CROUND_4BLOCKS(11, roundBase, bl); + //CROUND_4BLOCKS(12, roundBase, bl); + //CROUND_4BLOCKS(13, roundBase, bl); + //CROUND_4BLOCKS(14, roundBase, bl); + //CROUND_4BLOCKS(15, roundBase, bl); } pChain->H[0] = ah[7] + pChain->H[0]; @@ -295,24 +296,25 @@ SymCryptSha256AppendBlocks_xmm_4blocks( // // rounds 16 to 64. // - for (int round = 16; round < 64; round += 16) + for (int iterCount = 1; iterCount < (64/16); iterCount++) { - FROUND(0, round); - FROUND(1, round); - FROUND(2, round); - FROUND(3, round); - FROUND(4, round); - FROUND(5, round); - FROUND(6, round); - FROUND(7, round); - FROUND(8, round); - FROUND(9, round); - FROUND(10, round); - FROUND(11, round); - FROUND(12, round); - FROUND(13, round); - FROUND(14, round); - FROUND(15, round); + const int roundBase = iterCount*16; + FROUND(0, roundBase); + FROUND(1, roundBase); + FROUND(2, roundBase); + FROUND(3, roundBase); + FROUND(4, roundBase); + FROUND(5, roundBase); + FROUND(6, roundBase); + FROUND(7, roundBase); + FROUND(8, roundBase); + FROUND(9, roundBase); + FROUND(10, roundBase); + FROUND(11, roundBase); + FROUND(12, roundBase); + FROUND(13, roundBase); + FROUND(14, roundBase); + FROUND(15, roundBase); } pChain->H[0] = ah[7] + pChain->H[0]; diff --git a/lib/sha256-ymm.c b/lib/sha256-ymm.c index fa14a2a..42816da 100644 --- a/lib/sha256-ymm.c +++ b/lib/sha256-ymm.c @@ -307,24 +307,25 @@ SymCryptSha256AppendBlocks_ymm_8blocks( ah[1] = pChain->H[6]; ah[0] = pChain->H[7]; - for (int round = 0; round < 64; round += 16) + for (int iterCount=0; iterCount<(64/16); iterCount++) { - CROUND_8BLOCKS( 0, round, bl); - CROUND_8BLOCKS( 1, round, bl); - CROUND_8BLOCKS( 2, round, bl); - CROUND_8BLOCKS( 3, round, bl); - CROUND_8BLOCKS( 4, round, bl); - CROUND_8BLOCKS( 5, round, bl); - CROUND_8BLOCKS( 6, round, bl); - CROUND_8BLOCKS( 7, round, bl); - CROUND_8BLOCKS( 8, round, bl); - CROUND_8BLOCKS( 9, round, bl); - CROUND_8BLOCKS(10, round, bl); - CROUND_8BLOCKS(11, round, bl); - CROUND_8BLOCKS(12, round, bl); - CROUND_8BLOCKS(13, round, bl); - CROUND_8BLOCKS(14, round, bl); - CROUND_8BLOCKS(15, round, bl); + const int roundBase = iterCount*16; + CROUND_8BLOCKS( 0, roundBase, bl); + CROUND_8BLOCKS( 1, roundBase, bl); + CROUND_8BLOCKS( 2, roundBase, bl); + CROUND_8BLOCKS( 3, roundBase, bl); + CROUND_8BLOCKS( 4, roundBase, bl); + CROUND_8BLOCKS( 5, roundBase, bl); + CROUND_8BLOCKS( 6, roundBase, bl); + CROUND_8BLOCKS( 7, roundBase, bl); + CROUND_8BLOCKS( 8, roundBase, bl); + CROUND_8BLOCKS( 9, roundBase, bl); + CROUND_8BLOCKS(10, roundBase, bl); + CROUND_8BLOCKS(11, roundBase, bl); + CROUND_8BLOCKS(12, roundBase, bl); + CROUND_8BLOCKS(13, roundBase, bl); + CROUND_8BLOCKS(14, roundBase, bl); + CROUND_8BLOCKS(15, roundBase, bl); } pChain->H[0] = ah[7] + pChain->H[0]; @@ -381,24 +382,25 @@ SymCryptSha256AppendBlocks_ymm_8blocks( // // rounds 16 to 64. // - for (int round = 16; round < 64; round += 16) + for (int iterCount=1; iterCount<(64/16); iterCount++) { - FROUND(0, round); - FROUND(1, round); - FROUND(2, round); - FROUND(3, round); - FROUND(4, round); - FROUND(5, round); - FROUND(6, round); - FROUND(7, round); - FROUND(8, round); - FROUND(9, round); - FROUND(10, round); - FROUND(11, round); - FROUND(12, round); - FROUND(13, round); - FROUND(14, round); - FROUND(15, round); + const int roundBase = iterCount*16; + FROUND( 0, roundBase); + FROUND( 1, roundBase); + FROUND( 2, roundBase); + FROUND( 3, roundBase); + FROUND( 4, roundBase); + FROUND( 5, roundBase); + FROUND( 6, roundBase); + FROUND( 7, roundBase); + FROUND( 8, roundBase); + FROUND( 9, roundBase); + FROUND(10, roundBase); + FROUND(11, roundBase); + FROUND(12, roundBase); + FROUND(13, roundBase); + FROUND(14, roundBase); + FROUND(15, roundBase); } pChain->H[0] = ah[7] + pChain->H[0]; diff --git a/lib/sha512-ymm.c b/lib/sha512-ymm.c index 0cd4f54..6d03aea 100644 --- a/lib/sha512-ymm.c +++ b/lib/sha512-ymm.c @@ -152,31 +152,33 @@ SymCryptSha512AppendBlocks_ymm_1block( Wx.ymm[3] = _mm256_shuffle_epi8(_mm256_loadu_si256((__m256i*) & pbData[0 * SYMCRYPT_SHA512_INPUT_BLOCK_SIZE + (3) * 32]), _mm256_load_si256((__m256i*)BYTE_REVERSE_64X2)); #endif - for (int round = 0; round < 64; round += 16) + for (int iterCount=0; iterCount<(64/16); iterCount++) { - CROUND_1BLOCK(A, B, C, D, E, F, G, H, round + 0); - CROUND_1BLOCK(H, A, B, C, D, E, F, G, round + 1); - CROUND_1BLOCK(G, H, A, B, C, D, E, F, round + 2); - CROUND_1BLOCK(F, G, H, A, B, C, D, E, round + 3); - SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(round + 16); + const int roundBase = iterCount*16; - CROUND_1BLOCK(E, F, G, H, A, B, C, D, round + 4); - CROUND_1BLOCK(D, E, F, G, H, A, B, C, round + 5); - CROUND_1BLOCK(C, D, E, F, G, H, A, B, round + 6); - CROUND_1BLOCK(B, C, D, E, F, G, H, A, round + 7); - SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(round + 20); + CROUND_1BLOCK(A, B, C, D, E, F, G, H, roundBase + 0); + CROUND_1BLOCK(H, A, B, C, D, E, F, G, roundBase + 1); + CROUND_1BLOCK(G, H, A, B, C, D, E, F, roundBase + 2); + CROUND_1BLOCK(F, G, H, A, B, C, D, E, roundBase + 3); + SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(roundBase + 16); - CROUND_1BLOCK(A, B, C, D, E, F, G, H, round + 8); - CROUND_1BLOCK(H, A, B, C, D, E, F, G, round + 9); - CROUND_1BLOCK(G, H, A, B, C, D, E, F, round + 10); - CROUND_1BLOCK(F, G, H, A, B, C, D, E, round + 11); - SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(round + 24); + CROUND_1BLOCK(E, F, G, H, A, B, C, D, roundBase + 4); + CROUND_1BLOCK(D, E, F, G, H, A, B, C, roundBase + 5); + CROUND_1BLOCK(C, D, E, F, G, H, A, B, roundBase + 6); + CROUND_1BLOCK(B, C, D, E, F, G, H, A, roundBase + 7); + SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(roundBase + 20); - CROUND_1BLOCK(E, F, G, H, A, B, C, D, round + 12); - CROUND_1BLOCK(D, E, F, G, H, A, B, C, round + 13); - CROUND_1BLOCK(C, D, E, F, G, H, A, B, round + 14); - CROUND_1BLOCK(B, C, D, E, F, G, H, A, round + 15); - SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(round + 28); + CROUND_1BLOCK(A, B, C, D, E, F, G, H, roundBase + 8); + CROUND_1BLOCK(H, A, B, C, D, E, F, G, roundBase + 9); + CROUND_1BLOCK(G, H, A, B, C, D, E, F, roundBase + 10); + CROUND_1BLOCK(F, G, H, A, B, C, D, E, roundBase + 11); + SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(roundBase + 24); + + CROUND_1BLOCK(E, F, G, H, A, B, C, D, roundBase + 12); + CROUND_1BLOCK(D, E, F, G, H, A, B, C, roundBase + 13); + CROUND_1BLOCK(C, D, E, F, G, H, A, B, roundBase + 14); + CROUND_1BLOCK(B, C, D, E, F, G, H, A, roundBase + 15); + SHA512_MSG_EXPAND_1BLOCK_4ROUNDS(roundBase + 28); } CROUND_1BLOCK(A, B, C, D, E, F, G, H, 64 + 0); @@ -416,16 +418,17 @@ SymCryptSha512AppendBlocks_ymm_2blocks( G = pChain->H[6]; H = pChain->H[7]; - for (int round = 0; round < 80; round += 8) + for (int iterCount=0; iterCount<(80/8); iterCount++) { - CROUND_2BLOCKS(A, B, C, D, E, F, G, H, round + 0, 1); - CROUND_2BLOCKS(H, A, B, C, D, E, F, G, round + 1, 1); - CROUND_2BLOCKS(G, H, A, B, C, D, E, F, round + 2, 1); - CROUND_2BLOCKS(F, G, H, A, B, C, D, E, round + 3, 1); - CROUND_2BLOCKS(E, F, G, H, A, B, C, D, round + 4, 1); - CROUND_2BLOCKS(D, E, F, G, H, A, B, C, round + 5, 1); - CROUND_2BLOCKS(C, D, E, F, G, H, A, B, round + 6, 1); - CROUND_2BLOCKS(B, C, D, E, F, G, H, A, round + 7, 1); + const int roundBase = iterCount*8; + CROUND_2BLOCKS(A, B, C, D, E, F, G, H, roundBase + 0, 1); + CROUND_2BLOCKS(H, A, B, C, D, E, F, G, roundBase + 1, 1); + CROUND_2BLOCKS(G, H, A, B, C, D, E, F, roundBase + 2, 1); + CROUND_2BLOCKS(F, G, H, A, B, C, D, E, roundBase + 3, 1); + CROUND_2BLOCKS(E, F, G, H, A, B, C, D, roundBase + 4, 1); + CROUND_2BLOCKS(D, E, F, G, H, A, B, C, roundBase + 5, 1); + CROUND_2BLOCKS(C, D, E, F, G, H, A, B, roundBase + 6, 1); + CROUND_2BLOCKS(B, C, D, E, F, G, H, A, roundBase + 7, 1); } pChain->H[0] = A + pChain->H[0]; @@ -625,19 +628,21 @@ SymCryptSha512AppendBlocks_ymm_4blocks( G = pChain->H[6]; H = pChain->H[7]; - for (int round = 0; round < 64; round += 8) + for (int iterCount=0; iterCount<(64/8); iterCount++) { - SHA512_MSG_EXPAND_4BLOCKS_4ROUNDS(round + 16); - CROUND_4BLOCKS(A, B, C, D, E, F, G, H, round + 0, 0); - CROUND_4BLOCKS(H, A, B, C, D, E, F, G, round + 1, 0); - CROUND_4BLOCKS(G, H, A, B, C, D, E, F, round + 2, 0); - CROUND_4BLOCKS(F, G, H, A, B, C, D, E, round + 3, 0); + const int roundBase = iterCount*8; - SHA512_MSG_EXPAND_4BLOCKS_4ROUNDS(round + 20); - CROUND_4BLOCKS(E, F, G, H, A, B, C, D, round + 4, 0); - CROUND_4BLOCKS(D, E, F, G, H, A, B, C, round + 5, 0); - CROUND_4BLOCKS(C, D, E, F, G, H, A, B, round + 6, 0); - CROUND_4BLOCKS(B, C, D, E, F, G, H, A, round + 7, 0); + SHA512_MSG_EXPAND_4BLOCKS_4ROUNDS(roundBase + 16); + CROUND_4BLOCKS(A, B, C, D, E, F, G, H, roundBase + 0, 0); + CROUND_4BLOCKS(H, A, B, C, D, E, F, G, roundBase + 1, 0); + CROUND_4BLOCKS(G, H, A, B, C, D, E, F, roundBase + 2, 0); + CROUND_4BLOCKS(F, G, H, A, B, C, D, E, roundBase + 3, 0); + + SHA512_MSG_EXPAND_4BLOCKS_4ROUNDS(roundBase + 20); + CROUND_4BLOCKS(E, F, G, H, A, B, C, D, roundBase + 4, 0); + CROUND_4BLOCKS(D, E, F, G, H, A, B, C, roundBase + 5, 0); + CROUND_4BLOCKS(C, D, E, F, G, H, A, B, roundBase + 6, 0); + CROUND_4BLOCKS(B, C, D, E, F, G, H, A, roundBase + 7, 0); } // Last 16 rounds; add round constants and process. Message expansion is completed above. @@ -665,24 +670,26 @@ SymCryptSha512AppendBlocks_ymm_4blocks( G = pChain->H[6]; H = pChain->H[7]; - for (int round = 0; round < 80; round += 8) + for (int iterCount=0; iterCount<(80/8); iterCount++) { - CROUND_4BLOCKS(A, B, C, D, E, F, G, H, round + 0, bl); - CROUND_4BLOCKS(H, A, B, C, D, E, F, G, round + 1, bl); - CROUND_4BLOCKS(G, H, A, B, C, D, E, F, round + 2, bl); - CROUND_4BLOCKS(F, G, H, A, B, C, D, E, round + 3, bl); - CROUND_4BLOCKS(E, F, G, H, A, B, C, D, round + 4, bl); - CROUND_4BLOCKS(D, E, F, G, H, A, B, C, round + 5, bl); - CROUND_4BLOCKS(C, D, E, F, G, H, A, B, round + 6, bl); - CROUND_4BLOCKS(B, C, D, E, F, G, H, A, round + 7, bl); - //CROUND_4BLOCKS(A, B, C, D, E, F, G, H, round + 8, bl); - //CROUND_4BLOCKS(H, A, B, C, D, E, F, G, round + 9, bl); - //CROUND_4BLOCKS(G, H, A, B, C, D, E, F, round + 10, bl); - //CROUND_4BLOCKS(F, G, H, A, B, C, D, E, round + 11, bl); - //CROUND_4BLOCKS(E, F, G, H, A, B, C, D, round + 12, bl); - //CROUND_4BLOCKS(D, E, F, G, H, A, B, C, round + 13, bl); - //CROUND_4BLOCKS(C, D, E, F, G, H, A, B, round + 14, bl); - //CROUND_4BLOCKS(B, C, D, E, F, G, H, A, round + 15, bl); + const int roundBase = iterCount*8; + + CROUND_4BLOCKS(A, B, C, D, E, F, G, H, roundBase + 0, bl); + CROUND_4BLOCKS(H, A, B, C, D, E, F, G, roundBase + 1, bl); + CROUND_4BLOCKS(G, H, A, B, C, D, E, F, roundBase + 2, bl); + CROUND_4BLOCKS(F, G, H, A, B, C, D, E, roundBase + 3, bl); + CROUND_4BLOCKS(E, F, G, H, A, B, C, D, roundBase + 4, bl); + CROUND_4BLOCKS(D, E, F, G, H, A, B, C, roundBase + 5, bl); + CROUND_4BLOCKS(C, D, E, F, G, H, A, B, roundBase + 6, bl); + CROUND_4BLOCKS(B, C, D, E, F, G, H, A, roundBase + 7, bl); + //CROUND_4BLOCKS(A, B, C, D, E, F, G, H, roundBase + 8, bl); + //CROUND_4BLOCKS(H, A, B, C, D, E, F, G, roundBase + 9, bl); + //CROUND_4BLOCKS(G, H, A, B, C, D, E, F, roundBase + 10, bl); + //CROUND_4BLOCKS(F, G, H, A, B, C, D, E, roundBase + 11, bl); + //CROUND_4BLOCKS(E, F, G, H, A, B, C, D, roundBase + 12, bl); + //CROUND_4BLOCKS(D, E, F, G, H, A, B, C, roundBase + 13, bl); + //CROUND_4BLOCKS(C, D, E, F, G, H, A, B, roundBase + 14, bl); + //CROUND_4BLOCKS(B, C, D, E, F, G, H, A, roundBase + 15, bl); } pChain->H[0] = A + pChain->H[0]; @@ -736,24 +743,26 @@ SymCryptSha512AppendBlocks_ymm_4blocks( IROUND(C, D, E, F, G, H, A, B, 14); IROUND(B, C, D, E, F, G, H, A, 15); - for (int round = 16; round < 80; round += 16) + for (int iterCount=1; iterCount<(80/16); iterCount++) { - FROUND(A, B, C, D, E, F, G, H, round + 0, 0); - FROUND(H, A, B, C, D, E, F, G, round + 1, 1); - FROUND(G, H, A, B, C, D, E, F, round + 2, 2); - FROUND(F, G, H, A, B, C, D, E, round + 3, 3); - FROUND(E, F, G, H, A, B, C, D, round + 4, 4); - FROUND(D, E, F, G, H, A, B, C, round + 5, 5); - FROUND(C, D, E, F, G, H, A, B, round + 6, 6); - FROUND(B, C, D, E, F, G, H, A, round + 7, 7); - FROUND(A, B, C, D, E, F, G, H, round + 8, 8); - FROUND(H, A, B, C, D, E, F, G, round + 9, 9); - FROUND(G, H, A, B, C, D, E, F, round + 10, 10); - FROUND(F, G, H, A, B, C, D, E, round + 11, 11); - FROUND(E, F, G, H, A, B, C, D, round + 12, 12); - FROUND(D, E, F, G, H, A, B, C, round + 13, 13); - FROUND(C, D, E, F, G, H, A, B, round + 14, 14); - FROUND(B, C, D, E, F, G, H, A, round + 15, 15); + const int roundBase = iterCount*16; + + FROUND(A, B, C, D, E, F, G, H, roundBase + 0, 0); + FROUND(H, A, B, C, D, E, F, G, roundBase + 1, 1); + FROUND(G, H, A, B, C, D, E, F, roundBase + 2, 2); + FROUND(F, G, H, A, B, C, D, E, roundBase + 3, 3); + FROUND(E, F, G, H, A, B, C, D, roundBase + 4, 4); + FROUND(D, E, F, G, H, A, B, C, roundBase + 5, 5); + FROUND(C, D, E, F, G, H, A, B, roundBase + 6, 6); + FROUND(B, C, D, E, F, G, H, A, roundBase + 7, 7); + FROUND(A, B, C, D, E, F, G, H, roundBase + 8, 8); + FROUND(H, A, B, C, D, E, F, G, roundBase + 9, 9); + FROUND(G, H, A, B, C, D, E, F, roundBase + 10, 10); + FROUND(F, G, H, A, B, C, D, E, roundBase + 11, 11); + FROUND(E, F, G, H, A, B, C, D, roundBase + 12, 12); + FROUND(D, E, F, G, H, A, B, C, roundBase + 13, 13); + FROUND(C, D, E, F, G, H, A, B, roundBase + 14, 14); + FROUND(B, C, D, E, F, G, H, A, roundBase + 15, 15); } pChain->H[0] = A + pChain->H[0]; diff --git a/lib/xmss.c b/lib/xmss.c index 46a57c1..a18d381 100644 --- a/lib/xmss.c +++ b/lib/xmss.c @@ -761,13 +761,13 @@ SymCryptXmssPrfKey( VOID SYMCRYPT_CALL SymCryptXmssPrf( - _In_ PCSYMCRYPT_XMSS_PARAMS pParams, - BYTE PrfType, - _In_reads_bytes_( cbKey ) PCBYTE pbKey, - SIZE_T cbKey, - _In_reads_bytes_( cbMsg ) PCBYTE pbMsg, - SIZE_T cbMsg, - _Out_writes_bytes_( pParams->n ) PBYTE pbOutput ) + _In_ PCSYMCRYPT_XMSS_PARAMS pParams, + BYTE PrfType, + _In_reads_bytes_( cbKey ) PCBYTE pbKey, + SIZE_T cbKey, + _In_reads_bytes_( cbMsg ) PCBYTE pbMsg, + SIZE_T cbMsg, + _Out_writes_bytes_( pParams->cbHashOutput ) PBYTE pbOutput ) { SYMCRYPT_HASH_STATE state; @@ -781,40 +781,40 @@ SymCryptXmssPrf( VOID SYMCRYPT_CALL SymCryptXmssRandHash( - _In_ PCSYMCRYPT_XMSS_PARAMS params, + _In_ PCSYMCRYPT_XMSS_PARAMS pParams, _Inout_ XMSS_ADRS *adrs, - _In_reads_bytes_( params->cbHashOutput ) PCBYTE pbSeed, - _In_reads_bytes_( params->cbHashOutput) PCBYTE pbLeft, - _In_reads_bytes_( params->cbHashOutput) PCBYTE pbRight, - _Out_writes_bytes_( params->cbHashOutput) PBYTE pbOutput ) + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbSeed, + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbLeft, + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbRight, + _Out_writes_bytes_( pParams->cbHashOutput ) PBYTE pbOutput ) { BYTE key[SYMCRYPT_HASH_MAX_RESULT_SIZE]; BYTE bitmask[2 * SYMCRYPT_HASH_MAX_RESULT_SIZE]; SYMCRYPT_HASH_STATE stateKeyed; SYMCRYPT_HASH_STATE stateMask; - SYMCRYPT_ASSERT(params->cbHashOutput <= SYMCRYPT_HASH_MAX_RESULT_SIZE); + SYMCRYPT_ASSERT(pParams->cbHashOutput <= SYMCRYPT_HASH_MAX_RESULT_SIZE); - SymCryptXmssPrfKey(params, pbSeed, params->cbHashOutput, &stateKeyed); + SymCryptXmssPrfKey(pParams, pbSeed, pParams->cbHashOutput, &stateKeyed); SYMCRYPT_STORE_MSBFIRST32(adrs->en32KeyAndMask, 1); - SymCryptHashStateCopy(params->hash, &stateKeyed, &stateMask); - SymCryptHashAppend(params->hash, &stateMask, (PCBYTE)adrs, sizeof(*adrs)); - SymCryptHashResult(params->hash, &stateMask, &bitmask[0], params->cbHashOutput); + SymCryptHashStateCopy(pParams->hash, &stateKeyed, &stateMask); + SymCryptHashAppend(pParams->hash, &stateMask, (PCBYTE)adrs, sizeof(*adrs)); + SymCryptHashResult(pParams->hash, &stateMask, &bitmask[0], pParams->cbHashOutput); SYMCRYPT_STORE_MSBFIRST32(adrs->en32KeyAndMask, 2); - SymCryptHashStateCopy(params->hash, &stateKeyed, &stateMask); - SymCryptHashAppend(params->hash, &stateMask, (PCBYTE)adrs, sizeof(*adrs)); - SymCryptHashResult(params->hash, &stateMask, &bitmask[params->cbHashOutput], params->cbHashOutput); + SymCryptHashStateCopy(pParams->hash, &stateKeyed, &stateMask); + SymCryptHashAppend(pParams->hash, &stateMask, (PCBYTE)adrs, sizeof(*adrs)); + SymCryptHashResult(pParams->hash, &stateMask, &bitmask[pParams->cbHashOutput], pParams->cbHashOutput); SYMCRYPT_STORE_MSBFIRST32(adrs->en32KeyAndMask, 0); - SymCryptHashAppend(params->hash, &stateKeyed, (PCBYTE)adrs, sizeof(*adrs)); - SymCryptHashResult(params->hash, &stateKeyed, key, params->cbHashOutput); + SymCryptHashAppend(pParams->hash, &stateKeyed, (PCBYTE)adrs, sizeof(*adrs)); + SymCryptHashResult(pParams->hash, &stateKeyed, key, pParams->cbHashOutput); - SymCryptXorBytes(&bitmask[0], pbLeft, &bitmask[0], params->cbHashOutput); - SymCryptXorBytes(&bitmask[params->cbHashOutput], pbRight, &bitmask[params->cbHashOutput], params->cbHashOutput); + SymCryptXorBytes(&bitmask[0], pbLeft, &bitmask[0], pParams->cbHashOutput); + SymCryptXorBytes(&bitmask[pParams->cbHashOutput], pbRight, &bitmask[pParams->cbHashOutput], pParams->cbHashOutput); - SymCryptXmssPrf(params, SYMCRYPT_XMSS_H, key, params->cbHashOutput, bitmask, 2 * params->cbHashOutput, pbOutput); + SymCryptXmssPrf(pParams, SYMCRYPT_XMSS_H, key, pParams->cbHashOutput, bitmask, 2 * pParams->cbHashOutput, pbOutput); } @@ -868,10 +868,10 @@ VOID SYMCRYPT_CALL SymCryptXmssCreateWotspSecret( _In_ PCSYMCRYPT_XMSS_PARAMS pParams, - _In_reads_bytes_( params->cbHashOutput ) PCBYTE pbSkXmss, - _In_reads_bytes_( params->cbHashOutput) PCBYTE pbSeed, + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbSkXmss, + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbSeed, _Inout_ XMSS_ADRS *adrs, - _Out_writes_bytes_( params->cbHashOutput) PBYTE pbOutput ) + _Out_writes_bytes_( pParams->cbHashOutput ) PBYTE pbOutput ) { SYMCRYPT_HASH_STATE state; @@ -885,13 +885,13 @@ SymCryptXmssCreateWotspSecret( VOID SYMCRYPT_CALL SymCryptXmssChain( - _In_ PCSYMCRYPT_XMSS_PARAMS params, - _In_reads_bytes_( params->cbHashOutput) PCBYTE pbInput, + _In_ PCSYMCRYPT_XMSS_PARAMS pParams, + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbInput, UINT32 startIndex, UINT32 steps, - _In_reads_bytes_( params->cbHashOutput) PCBYTE pbSeed, + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbSeed, _Inout_ XMSS_ADRS *adrs, - _Out_writes_bytes_( params->cbHashOutput) PBYTE pbOutput ) + _Out_writes_bytes_( pParams->cbHashOutput ) PBYTE pbOutput ) { BYTE tmp[SYMCRYPT_HASH_MAX_RESULT_SIZE]; BYTE key[SYMCRYPT_HASH_MAX_RESULT_SIZE]; @@ -899,35 +899,33 @@ SymCryptXmssChain( SYMCRYPT_HASH_STATE stateKey; SYMCRYPT_HASH_STATE stateMask; - memcpy(tmp, pbInput, params->cbHashOutput); + memcpy(tmp, pbInput, pParams->cbHashOutput); for (UINT32 i = startIndex; i < startIndex + steps; i++) { SYMCRYPT_STORE_MSBFIRST32(adrs->u.ots.en32Hash, i); - SymCryptXmssPrfKey(params, pbSeed, params->cbHashOutput, &stateKey); - SymCryptHashStateCopy(params->hash, &stateKey, &stateMask); + SymCryptXmssPrfKey(pParams, pbSeed, pParams->cbHashOutput, &stateKey); + SymCryptHashStateCopy(pParams->hash, &stateKey, &stateMask); SYMCRYPT_STORE_MSBFIRST32(adrs->en32KeyAndMask, 0); - //SymCryptXmssPrf(params, SYMCRYPT_XMSS_PRF, pbSeed, params->n, (PCBYTE)adrs, sizeof(*adrs), key); - SymCryptHashAppend(params->hash, &stateKey, (PCBYTE)adrs, sizeof(*adrs)); - SymCryptHashResult(params->hash, &stateKey, key, params->cbHashOutput); + SymCryptHashAppend(pParams->hash, &stateKey, (PCBYTE)adrs, sizeof(*adrs)); + SymCryptHashResult(pParams->hash, &stateKey, key, pParams->cbHashOutput); SYMCRYPT_STORE_MSBFIRST32(adrs->en32KeyAndMask, 1); - //SymCryptXmssPrf(params, SYMCRYPT_XMSS_PRF, pbSeed, params->n, (PCBYTE)adrs, sizeof(*adrs), bm); - SymCryptHashAppend(params->hash, &stateMask, (PCBYTE)adrs, sizeof(*adrs)); - SymCryptHashResult(params->hash, &stateMask, bm, params->cbHashOutput); + SymCryptHashAppend(pParams->hash, &stateMask, (PCBYTE)adrs, sizeof(*adrs)); + SymCryptHashResult(pParams->hash, &stateMask, bm, pParams->cbHashOutput); - SymCryptXorBytes(tmp, bm, tmp, params->cbHashOutput); + SymCryptXorBytes(tmp, bm, tmp, pParams->cbHashOutput); - SymCryptXmssPrf(params, SYMCRYPT_XMSS_F, key, params->cbHashOutput, tmp, params->cbHashOutput, tmp); + SymCryptXmssPrf(pParams, SYMCRYPT_XMSS_F, key, pParams->cbHashOutput, tmp, pParams->cbHashOutput, tmp); } // reset used ADRS fields SYMCRYPT_STORE_MSBFIRST32(adrs->u.ots.en32Hash, 0); SYMCRYPT_STORE_MSBFIRST32(adrs->en32KeyAndMask, 0); - memcpy(pbOutput, tmp, params->cbHashOutput); + memcpy(pbOutput, tmp, pParams->cbHashOutput); } @@ -1228,7 +1226,7 @@ cleanup: SYMCRYPT_ERROR SYMCRYPT_CALL SymCryptXmsskeySetValue( - _In_reads_bytes_( cbSrc ) PCBYTE pbInput, + _In_reads_bytes_( cbInput ) PCBYTE pbInput, SIZE_T cbInput, SYMCRYPT_XMSSKEY_TYPE keyType, UINT32 flags, @@ -1325,11 +1323,11 @@ cleanup: SYMCRYPT_ERROR SYMCRYPT_CALL SymCryptXmsskeyGetValue( - _In_ PCSYMCRYPT_XMSS_KEY pKey, - SYMCRYPT_XMSSKEY_TYPE keyType, - UINT32 flags, - _Out_writes_bytes_( cbKey ) PBYTE pbOutput, - SIZE_T cbOutput) + _In_ PCSYMCRYPT_XMSS_KEY pKey, + SYMCRYPT_XMSSKEY_TYPE keyType, + UINT32 flags, + _Out_writes_bytes_( cbOutput ) PBYTE pbOutput, + SIZE_T cbOutput) { SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR; SIZE_T cbKey; @@ -1425,13 +1423,13 @@ SymCryptXmssTreeRootFromAuthenticationPath( _In_ PCSYMCRYPT_XMSS_PARAMS pParams, _Inout_ XMSS_ADRS *adrs, UINT32 uLeaf, - _In_reads_bytes_( params->cbHashOutput) + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbStartingNode, - _In_reads_bytes_( params->cbHashOutput* params->nTotalTreeHeight ) + _In_reads_bytes_( pParams->cbHashOutput * pParams->nLayerHeight ) PCBYTE pbAuthNodes, - _In_reads_bytes_( params->cbHashOutput) + _In_reads_bytes_( pParams->cbHashOutput ) PCBYTE pbSeed, - _Out_writes_bytes_( params->cbHashOutput) + _Out_writes_bytes_( pParams->cbHashOutput ) PBYTE pbOutput ) { BYTE node[SYMCRYPT_HASH_MAX_RESULT_SIZE]; @@ -1958,7 +1956,7 @@ SYMCRYPT_CALL SymCryptXmssComputeRandomness( _In_ PCSYMCRYPT_XMSS_KEY pKey, UINT64 Idx, - _Out_writes_bytes_( pKey->params.cbHashOutput) PBYTE pbRandomness ) + _Out_writes_bytes_( pKey->params.cbHashOutput ) PBYTE pbRandomness ) { BYTE IdxBuffer[32]; diff --git a/modules/windows/kernel/module.c b/modules/windows/kernel/module.c index d0f74fb..a468c63 100644 --- a/modules/windows/kernel/module.c +++ b/modules/windows/kernel/module.c @@ -59,7 +59,12 @@ SymCryptCallbackAlloc(SIZE_T nBytes) PBYTE p, res = NULL; ULONG offset; + // Suppress leaking memory Prefast warning. p is freed with SymCryptCallbackFree + #pragma prefast(push) + #pragma prefast(suppress: 6014) p = (PBYTE) ExAllocatePoolZero(NonPagedPoolNx, nBytes + SYMCRYPT_ASYM_ALIGN_VALUE + 4, 'cmyS'); + #pragma prefast(pop) + if (!p) { goto cleanup; diff --git a/unittest/exe_posix/CMakeLists.txt b/unittest/exe_posix/CMakeLists.txt index bf2b329..2d71e6b 100644 --- a/unittest/exe_posix/CMakeLists.txt +++ b/unittest/exe_posix/CMakeLists.txt @@ -14,7 +14,7 @@ add_compile_definitions(INCLUDE_IMPL_MSBIGNUM=0) add_compile_definitions(INCLUDE_IMPL_RSA32=0) add_executable(symcryptunittest ${SOURCES}) -target_link_libraries(symcryptunittest symcryptunittest_lib dl) +target_link_libraries(symcryptunittest symcryptunittest_lib symcrypt_common dl) # Special linking options for MacOS if(CMAKE_SYSTEM_NAME MATCHES "Darwin") diff --git a/unittest/exe_test/CMakeLists.txt b/unittest/exe_test/CMakeLists.txt index 06fb0f5..72c3ab7 100644 --- a/unittest/exe_test/CMakeLists.txt +++ b/unittest/exe_test/CMakeLists.txt @@ -6,7 +6,7 @@ set(SOURCES set_source_files_properties(symcryptunittest.rc PROPERTIES LANGUAGE RC) add_executable(symcryptunittest ${SOURCES}) -target_link_libraries(symcryptunittest symcryptunittest_lib bcrypt ntdll) +target_link_libraries(symcryptunittest symcryptunittest_lib symcrypt_common bcrypt ntdll) if(SYMCRYPT_TEST_LEGACY_IMPL) # For internal builds, append RSA32 and msbignum. diff --git a/unittest/inc/algorithm_base.h b/unittest/inc/algorithm_base.h index c8663da..aeb1152 100644 --- a/unittest/inc/algorithm_base.h +++ b/unittest/inc/algorithm_base.h @@ -295,7 +295,7 @@ public: virtual VOID append(_In_reads_(cbData) PCBYTE pbData, SIZE_T cbData) = 0; // Append data to the running MAC computation. - virtual VOID extract(_Out_writes_(cbData) PBYTE pbResult, SIZE_T cbResult, BOOLEAN bWipe) = 0; + virtual VOID extract(_Out_writes_(cbResult) PBYTE pbResult, SIZE_T cbResult, BOOLEAN bWipe) = 0; // Extract data in XOF mode. virtual VOID result(_Out_writes_(cbResult) PBYTE pbResult, SIZE_T cbResult) = 0; diff --git a/unittest/lib/CMakeLists.txt b/unittest/lib/CMakeLists.txt index dd4b924..d6f23ee 100644 --- a/unittest/lib/CMakeLists.txt +++ b/unittest/lib/CMakeLists.txt @@ -105,7 +105,6 @@ endif() add_library(symcryptunittest_lib STATIC ${SOURCES}) set_target_properties(symcryptunittest_lib PROPERTIES PREFIX "") -target_link_libraries(symcryptunittest_lib symcrypt_common) if(SYMCRYPT_TEST_WITH_OPENSSL) target_include_directories(symcryptunittest_lib PRIVATE ${OPENSSL_INCLUDE_DIR}) diff --git a/unittest/lib/main_sys_common.cpp b/unittest/lib/main_sys_common.cpp index 9b3cd64..ab959de 100644 --- a/unittest/lib/main_sys_common.cpp +++ b/unittest/lib/main_sys_common.cpp @@ -341,7 +341,10 @@ DriverEntry( // // Create and initialize the Device object. // - + + // Suppress leaking memory Prefast warning. deviceObject is deleted on success in DrvUnload + #pragma prefast(push) + #pragma prefast(suppress: 6014) Status = IoCreateDevice( DriverObject, 0L, @@ -351,6 +354,8 @@ DriverEntry( TRUE, // exclusive, only one handle is allowed. &deviceObject ); + #pragma prefast(pop) + if (!NT_SUCCESS( Status )) { goto cleanup; @@ -361,6 +366,13 @@ DriverEntry( g_originalCpuFeatures = g_SymCryptCpuFeaturesNotPresent; cleanup: + if (!NT_SUCCESS( Status )) + { + if(deviceObject != NULL) + { + IoDeleteDevice(deviceObject); + } + } return Status; } diff --git a/unittest/lib/perf.cpp b/unittest/lib/perf.cpp index aaa77f9..d1a59f2 100644 --- a/unittest/lib/perf.cpp +++ b/unittest/lib/perf.cpp @@ -1195,7 +1195,7 @@ measurePerf() measurePerfOfAlgorithms(); - if( TRUE || isAlgorithmPresent( "Wipe", FALSE ) ) + if( TRUE /*|| isAlgorithmPresent( "Wipe", FALSE )*/ ) { measurePerfOfWipe(); } diff --git a/unittest/lib/symcryptunittest_lib.vcxproj b/unittest/lib/symcryptunittest_lib.vcxproj index 8b196a7..72b2312 100644 --- a/unittest/lib/symcryptunittest_lib.vcxproj +++ b/unittest/lib/symcryptunittest_lib.vcxproj @@ -12,11 +12,6 @@ $(SolutionDir) - - - {7c3bd5d2-7213-4cfa-b6cb-eb41623601bc} - - ..\;..\inc;..\SymCryptDependencies\inc;..\..\inc;..\..\lib; diff --git a/unittest/lib/testEcc.cpp b/unittest/lib/testEcc.cpp index 4a4cd5f..506811b 100644 --- a/unittest/lib/testEcc.cpp +++ b/unittest/lib/testEcc.cpp @@ -1188,7 +1188,7 @@ testEcdh( _In_reads_( cbQyb ) PCBYTE pbQyb, SIZE_T cbQyb, - _In_reads_( cbSS ) + _In_reads_( cbSs ) PCBYTE pbSs, SIZE_T cbSs, UINT32 secretAgreementFlags, diff --git a/unittest/lib/testStreamCipher.cpp b/unittest/lib/testStreamCipher.cpp index 8169042..89c53c0 100644 --- a/unittest/lib/testStreamCipher.cpp +++ b/unittest/lib/testStreamCipher.cpp @@ -21,7 +21,7 @@ public: virtual NTSTATUS setKey( _In_reads_( cbKey ) PCBYTE pbKey, SIZE_T cbKey ); - virtual NTSTATUS setNonce( _In_reads_( cbKey ) PCBYTE pbNonce, SIZE_T cbNonce ); + virtual NTSTATUS setNonce( _In_reads_( cbNonce ) PCBYTE pbNonce, SIZE_T cbNonce ); virtual BOOL isRandomAccess(); diff --git a/unittest/module_windows_sys_km/main_sys.cpp b/unittest/module_windows_sys_km/main_sys.cpp index 1f14606..db84c7d 100644 --- a/unittest/module_windows_sys_km/main_sys.cpp +++ b/unittest/module_windows_sys_km/main_sys.cpp @@ -547,7 +547,10 @@ DriverEntry( // // Create and initialize the Device object. // - + + // Suppress leaking memory Prefast warning. deviceObject is deleted on success in DrvUnload + #pragma prefast(push) + #pragma prefast(suppress: 6014) Status = IoCreateDevice( DriverObject, 0L, @@ -557,6 +560,8 @@ DriverEntry( TRUE, // exclusive, only one handle is allowed. &deviceObject ); + #pragma prefast(pop) + if (!NT_SUCCESS( Status )) { goto cleanup; @@ -569,6 +574,13 @@ DriverEntry( AllocWithChecksInit(); cleanup: + if (!NT_SUCCESS( Status )) + { + if(deviceObject != NULL) + { + IoDeleteDevice(deviceObject); + } + } return Status; }