1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
// via-rng.cpp - written and placed in public domain by Jeffrey Walton and Uri Blumenthal.
#include "pch.h"
#include "config.h"
#include "cryptlib.h"
#include "secblock.h"
#include "padlkrng.h"
#include "cpu.h"
// The Padlock Security Engine RNG has a few items to be aware of. You can
// find copies of the Programmer's manual, Cryptography Research Inc audit
// report, and other goodies at http://www.cryptopp.com/wiki/VIA_Padlock.
#if CRYPTOPP_MSC_VERSION
# pragma warning(disable: 4702)
#endif
NAMESPACE_BEGIN(CryptoPP)
std::string PadlockRNG::AlgorithmProvider() const
{
return "Padlock";
}
PadlockRNG::PadlockRNG(word32 divisor)
: m_divisor(DivisorHelper(divisor)), m_msr(0)
{
#if defined(CRYPTOPP_X86_ASM_AVAILABLE)
if (!HasPadlockRNG())
#endif
throw PadlockRNG_Err("PadlockRNG", "PadlockRNG generator not available");
}
void PadlockRNG::GenerateBlock(byte *output, size_t size)
{
CRYPTOPP_UNUSED(output); CRYPTOPP_UNUSED(size);
#if defined(CRYPTOPP_X86_ASM_AVAILABLE) && defined(__GNUC__)
while (size)
{
__asm__ __volatile__
(
#if (CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
"mov %1, %%rdi ;\n"
"movl %2, %%edx ;\n"
#else
"mov %1, %%edi ;\n"
"movl %2, %%edx ;\n"
#endif
// xstore-rng
".byte 0x0f, 0xa7, 0xc0 ;\n"
"movl %%eax, %0 ;\n"
: "=g" (m_msr) : "g" (m_buffer.data()), "g" (m_divisor)
#if (CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
: "rax", "rdx", "rdi", "cc"
#else
: "eax", "edx", "edi", "cc"
#endif
);
const size_t ret = m_msr & 0x1f;
const size_t rem = STDMIN<size_t>(ret, STDMIN<size_t>(size, 16U /*buffer size*/));
std::memcpy(output, m_buffer, rem);
size -= rem; output += rem;
}
#elif defined(CRYPTOPP_X86_ASM_AVAILABLE) && defined(_MSC_VER) && defined(_M_IX86)
while (size)
{
word32 result, divisor = m_divisor;
byte *buffer = reinterpret_cast<byte*>(m_buffer.data());
__asm {
mov edi, buffer
mov edx, divisor
_emit 0x0f
_emit 0xa7
_emit 0xc0
mov result, eax
}
const size_t ret = (m_msr = result) & 0x1f;
const size_t rem = STDMIN<size_t>(ret, STDMIN<size_t>(size, 16U /*buffer size*/));
std::memcpy(output, buffer, rem);
size -= rem; output += rem;
}
#else
throw PadlockRNG_Err("GenerateBlock", "PadlockRNG generator not available");
#endif // CRYPTOPP_X86_ASM_AVAILABLE
}
void PadlockRNG::DiscardBytes(size_t n)
{
FixedSizeSecBlock<word32, 4> discard;
n = RoundUpToMultipleOf(n, sizeof(word32));
size_t count = STDMIN(n, discard.SizeInBytes());
while (count)
{
GenerateBlock(discard.BytePtr(), count);
n -= count;
count = STDMIN(n, discard.SizeInBytes());
}
}
NAMESPACE_END
|
