1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
|
#ifndef BOTAN_BUILD_CONFIG_H__
#define BOTAN_BUILD_CONFIG_H__
/*
* This file was automatically generated %{timestamp} UTC by
* %{user}@%{hostname} running '%{command_line}'
*
* Target
* - Compiler: %{cxx} %{cxx_abi_flags} %{cc_compile_flags}
* - Arch: %{submodel}/%{arch}
* - OS: %{os}
*/
#define BOTAN_VERSION_MAJOR %{version_major}
#define BOTAN_VERSION_MINOR %{version_minor}
#define BOTAN_VERSION_PATCH %{version_patch}
#define BOTAN_VERSION_DATESTAMP %{version_datestamp}
#define BOTAN_VERSION_RELEASE_TYPE "%{release_type}"
#define BOTAN_VERSION_VC_REVISION "%{version_vc_rev}"
#define BOTAN_DISTRIBUTION_INFO "%{distribution_info}"
#define BOTAN_INSTALL_PREFIX R"(%{prefix})"
#define BOTAN_INSTALL_HEADER_DIR "%{includedir}/botan-%{version_major}.%{version_minor}"
#define BOTAN_INSTALL_LIB_DIR "%{libdir}"
#define BOTAN_LIB_LINK "%{link_to}"
#ifndef BOTAN_DLL
#define BOTAN_DLL %{visibility_attribute}
#endif
/* How much to allocate for a buffer of no particular size */
#define BOTAN_DEFAULT_BUFFER_SIZE 1024
/* Minimum and maximum sizes to allocate out of the mlock pool (bytes)
Default min is 16 as smaller values are easily bruteforceable and thus
likely not cryptographic keys.
*/
#define BOTAN_MLOCK_ALLOCATOR_MIN_ALLOCATION 16
#define BOTAN_MLOCK_ALLOCATOR_MAX_ALLOCATION 128
/*
* Total maximum amount of RAM (in KiB) we will lock into memory, even
* if the OS would let us lock more
*/
#define BOTAN_MLOCK_ALLOCATOR_MAX_LOCKED_KB 512
/* Multiplier on a block cipher's native parallelism */
#define BOTAN_BLOCK_CIPHER_PAR_MULT 4
/* How many bits per limb in a BigInt */
#define BOTAN_MP_WORD_BITS %{mp_bits}
/*
* If enabled uses memset via volatile function pointer to zero memory,
* otherwise does a byte at a time write via a volatile pointer.
*/
#define BOTAN_USE_VOLATILE_MEMSET_FOR_ZERO 1
/*
* If enabled the ECC implementation will use Montgomery ladder
* instead of a fixed window implementation.
*/
#define BOTAN_POINTGFP_BLINDED_MULTIPLY_USE_MONTGOMERY_LADDER 0
/*
* Set number of bits used to generate mask for blinding the scalar of
* a point multiplication. Set to zero to disable this side-channel
* countermeasure.
*/
#define BOTAN_POINTGFP_SCALAR_BLINDING_BITS 20
/*
* Set number of bits used to generate mask for blinding the
* representation of an ECC point. Set to zero to diable this
* side-channel countermeasure.
*/
#define BOTAN_POINTGFP_RANDOMIZE_BLINDING_BITS 80
/*
* Normally blinding is performed by choosing a random starting point (plus
* its inverse, of a form appropriate to the algorithm being blinded), and
* then choosing new blinding operands by successive squaring of both
* values. This is much faster than computing a new starting point but
* introduces some possible coorelation
*
* To avoid possible leakage problems in long-running processes, the blinder
* periodically reinitializes the sequence. This value specifies how often
* a new sequence should be started.
*/
#define BOTAN_BLINDING_REINIT_INTERVAL 32
/* PK key consistency checking toggles */
#define BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD 1
#define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD 0
#define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_GENERATE 1
/*
* RNGs will automatically poll the system for additional seed material
* after producing this many bytes of output.
*/
#define BOTAN_RNG_MAX_OUTPUT_BEFORE_RESEED 4096
#define BOTAN_RNG_RESEED_POLL_BITS 128
#define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(10)
#define BOTAN_RNG_RESEED_DEFAULT_TIMEOUT std::chrono::milliseconds(50)
/*
* Specifies (in order) the list of entropy sources that will be used
* to seed an in-memory RNG. The first few in the default list
* ("timer", "proc_info", etc) do not count as contributing any entropy
* but are included as they are fast and help protect against a
* seriously broken system RNG.
*/
#define BOTAN_ENTROPY_DEFAULT_SOURCES \
{ "timestamp", "rdseed", "rdrand", "proc_info", \
"darwin_secrandom", "dev_random", "win32_cryptoapi", "egd", \
"proc_walk", "system_stats", "unix_procs" }
/*
* These control the RNG used by the system RNG interface
*/
#define BOTAN_SYSTEM_RNG_DEVICE "/dev/urandom"
#define BOTAN_SYSTEM_RNG_CRYPTOAPI_PROV_TYPE PROV_RSA_FULL
/*
* These paramaters control how many bytes to read from the system
* PRNG, and how long to block if applicable.
*
* Timeout is ignored on Windows as CryptGenRandom doesn't block
*/
#define BOTAN_SYSTEM_RNG_POLL_DEVICES { "/dev/urandom", "/dev/random", "/dev/srandom" }
#define BOTAN_SYSTEM_RNG_POLL_REQUEST 64
#define BOTAN_SYSTEM_RNG_POLL_TIMEOUT_MS 20
#define BOTAN_ENTROPY_EGD_PATHS { "/var/run/egd-pool", "/dev/egd-pool" }
#define BOTAN_ENTROPY_PROC_FS_PATH "/proc"
#define BOTAN_ENTROPY_SAFE_PATHS { "/bin", "/sbin", "/usr/bin", "/usr/sbin" }
/*
* Defines the static entropy estimates which each type of source uses.
* These values are expressed as the bits of entropy per byte of
* output (in double format) and should be conservative. These are used
* unless an entropy source has some more specific opinion on the entropy
* of the underlying source.
*/
// We include some high resolution timestamps because it can't hurt
#define BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS 0
// Data which is system or process specific, but otherwise static
#define BOTAN_ENTROPY_ESTIMATE_STATIC_SYSTEM_DATA 0
// Binary system data of some kind
#define BOTAN_ENTROPY_ESTIMATE_SYSTEM_DATA 0.5
// Human readable text which has entropy
#define BOTAN_ENTROPY_ESTIMATE_SYSTEM_TEXT (1.0 / 64)
/*
The output of a hardware RNG such as RDRAND / RDSEED
By default such RNGs are used but not trusted, so that the standard
softare-based entropy polling is still used.
*/
#define BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG 0.0
/*
How often should the RdRand/RdSeed RNGs be polled
Each poll generates 32 bit entropy
*/
#define BOTAN_ENTROPY_INTEL_RNG_POLLS 32
// According to Intel RdRand is guaranteed to generate a random number within 10 retries on a working CPU
#define BOTAN_ENTROPY_RDRAND_RETRIES 10
/*
* RdSeed is not guaranteed to generate a random number within a specific number of retries
* Define the number of retries here
*/
#define BOTAN_ENTROPY_RDSEED_RETRIES 20
// The output of a PRNG we are trusting to be strong
#define BOTAN_ENTROPY_ESTIMATE_STRONG_RNG 7.0
/*
* Compiler and target specific flags
*/
/* Should we use GCC-style inline assembler? */
#if !defined(BOTAN_USE_GCC_INLINE_ASM) && defined(__GNUG__)
#define BOTAN_USE_GCC_INLINE_ASM 1
#endif
#ifdef __GNUC__
#define BOTAN_GCC_VERSION \
(__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCHLEVEL__)
#else
#define BOTAN_GCC_VERSION 0
#endif
/* Target identification and feature test macros */
%{target_os_defines}
%{target_cpu_defines}
#if defined(BOTAN_TARGET_CPU_IS_LITTLE_ENDIAN) || \
defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
#define BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS
#endif
/*
* If no way of dynamically determining the cache line size for the
* system exists, this value is used as the default. Used by the side
* channel countermeasures rather than for alignment purposes, so it is
* better to be on the smaller side if the exact value cannot be
* determined. Typically 32 or 64 bytes on modern CPUs.
*/
#if !defined(BOTAN_TARGET_CPU_DEFAULT_CACHE_LINE_SIZE)
#define BOTAN_TARGET_CPU_DEFAULT_CACHE_LINE_SIZE 32
#endif
%{target_compiler_defines}
/*
* Compile-time deprecatation warnings
*/
#if !defined(BOTAN_NO_DEPRECATED_WARNINGS)
#if defined(__clang__)
#define BOTAN_DEPRECATED(msg) __attribute__ ((deprecated))
#elif defined(_MSC_VER)
#define BOTAN_DEPRECATED(msg) __declspec(deprecated(msg))
#elif defined(__GNUG__)
#if BOTAN_GCC_VERSION >= 450
#define BOTAN_DEPRECATED(msg) __attribute__ ((deprecated(msg)))
#else
#define BOTAN_DEPRECATED(msg) __attribute__ ((deprecated))
#endif
#endif
#endif
#if !defined(BOTAN_NORETURN)
#if defined (__clang__) || defined (__GNUG__)
#define BOTAN_NORETURN __attribute__ ((__noreturn__))
#elif defined (_MSC_VER)
#define BOTAN_NORETURN __declspec(noreturn)
#else
#define BOTAN_NORETURN
#endif
#endif
#if defined(_MSC_VER)
#define BOTAN_CURRENT_FUNCTION __FUNCTION__
#else
#define BOTAN_CURRENT_FUNCTION __func__
#endif
#if !defined(BOTAN_DEPRECATED)
#define BOTAN_DEPRECATED(msg)
#endif
#if defined(_MSC_VER) && (_MSC_VER < 1900)
// noexcept is not supported in VS 2013
#include <yvals.h>
#define BOTAN_NOEXCEPT _NOEXCEPT
#else
#define BOTAN_NOEXCEPT noexcept
#endif
/*
* Module availability definitions
*/
%{module_defines}
/*
* Local configuration options (if any) follow
*/
%{local_config}
// Append to macros living outside of functions, so that invocations must end with a semicolon.
// The struct is only declared to force the semicolon, it is never defined.
#define BOTAN_FORCE_SEMICOLON struct BOTAN_DUMMY_STRUCT
#endif
|
