BearSSL: Remove some unneeded defines

2025-09-14 10:05:44 -04:00 · 2025-08-22 07:20:51 +10:00 · 2025-08-22 07:20:51 +10:00 · 7bb3943467
commit 7bb3943467
parent 4c1919cdee
2 changed files with 17 additions and 176 deletions
--- a/third_party/bearssl/config.h
+++ b/third_party/bearssl/config.h
@ -35,18 +35,11 @@
 
 /* The x86 intrinsics seem to be incomplete compared to what aes_x86ni expects when compiling with NXDK */
 #ifdef NXDK
-#define BR_AES_X86NI 0
-#define BR_ENABLE_INTRINSICS 0
-#define BR_SSE2 0
-#define BR_RDRAND 0
-#undef _WIN32
+	#define BR_AES_X86NI 0
+	#define BR_ENABLE_INTRINSICS 0
+	#define BR_SSE2 0
 #endif

-/* Rely on ClassiCube's implementation for RNG */
-#define BR_USE_WIN32_RAND 0
-#define BR_USE_URANDOM 0
-#define BR_USE_GETENTROPY 0
-
 /* intrin.h doesn't exist in older TinyC */
 #if defined __TINYC__
 #define BR_INT128 0
@ -107,54 +100,6 @@
 #define BR_NO_ARITH_SHIFT   1
 */

-/*
- * When BR_RDRAND is enabled, the SSL engine will use the RDRAND opcode
- * to automatically obtain quality randomness for seeding its internal
- * PRNG. Since that opcode is present only in recent x86 CPU, its
- * support is dynamically tested; if the current CPU does not support
- * it, then another random source will be used, such as /dev/urandom or
- * CryptGenRandom().
- *
-#define BR_RDRAND   1
- */
-
-/*
- * When BR_USE_GETENTROPY is enabled, the SSL engine will use the
- * getentropy() function to obtain quality randomness for seeding its
- * internal PRNG. On Linux and FreeBSD, getentropy() is implemented by
- * the standard library with the system call getrandom(); on OpenBSD,
- * getentropy() is the system call, and there is no getrandom() wrapper,
- * hence the use of the getentropy() function for maximum portability.
- *
- * If the getentropy() call fails, and BR_USE_URANDOM is not explicitly
- * disabled, then /dev/urandom will be used as a fallback mechanism. On
- * FreeBSD and OpenBSD, this does not change much, since /dev/urandom
- * will block if not enough entropy has been obtained since last boot.
- * On Linux, /dev/urandom might not block, which can be troublesome in
- * early boot stages, which is why getentropy() is preferred.
- *
-#define BR_USE_GETENTROPY   1
- */
-
-/*
- * When BR_USE_URANDOM is enabled, the SSL engine will use /dev/urandom
- * to automatically obtain quality randomness for seeding its internal
- * PRNG.
- *
-#define BR_USE_URANDOM   1
- */
-
-/*
- * When BR_USE_WIN32_RAND is enabled, the SSL engine will use the Win32
- * (CryptoAPI) functions (CryptAcquireContext(), CryptGenRandom()...) to
- * automatically obtain quality randomness for seeding its internal PRNG.
- *
- * Note: if both BR_USE_URANDOM and BR_USE_WIN32_RAND are defined, the
- * former takes precedence.
- *
-#define BR_USE_WIN32_RAND   1
- */
-
 /*
 * When BR_ARMEL_CORTEXM_GCC is enabled, some operations are replaced with
 * inline assembly which is shorter and/or faster. This should be used
@ -190,16 +135,6 @@
 #define BR_SSE2   1
 */

-/*
- * When BR_POWER8 is enabled, the AES implementation using the POWER ISA
- * 2.07 opcodes (available on POWER8 processors and later) is compiled.
- * If this is not enabled explicitly, then that implementation will be
- * compiled only if a compatible compiler is detected, _and_ the target
- * architecture is POWER8 or later.
- *
-#define BR_POWER8   1
- */
-
 /*
 * When BR_INT128 is enabled, then code using the 'unsigned __int64'
 * and 'unsigned __int128' types will be used to leverage 64x64->128
--- a/third_party/bearssl/inner.h
+++ b/third_party/bearssl/inner.h
@ -290,106 +290,22 @@
 #endif

 /*
- * RDRAND intrinsics are available on x86 (32-bit and 64-bit) with
- * GCC 4.6+, Clang 3.7+ and MSC 2012+.
+ * Detect support for unaligned accesses with known endianness.
+ *
+ *  x86 (both 32-bit and 64-bit) is little-endian and allows unaligned
+ *  accesses.
+ *
+ *  POWER/PowerPC allows unaligned accesses when big-endian.
 */
-#ifndef BR_RDRAND
-#if (BR_i386 || BR_amd64) && (BR_GCC_4_6 || BR_CLANG_3_7 || BR_MSC_2012)
-#define BR_RDRAND   1
-#endif
+#if !defined BR_LE_UNALIGNED && !defined BR_BE_UNALIGNED
+
+#if __i386 || __i386__ || __x86_64__ || _M_IX86 || _M_X64
+#define BR_LE_UNALIGNED   1
+#elif (__powerpc__ || __powerpc64__ || _M_PPC || _ARCH_PPC || _ARCH_PPC64) \
+	&& __BIG_ENDIAN__
+#define BR_BE_UNALIGNED   1
 #endif

-/*
- * Determine type of OS for random number generation. Macro names and
- * values are documented on:
- *    https://sourceforge.net/p/predef/wiki/OperatingSystems/
- *
- * Win32's CryptGenRandom() should be available on Windows systems.
- *
- * /dev/urandom should work on all Unix-like systems (including macOS X).
- *
- * getentropy() is present on Linux (Glibc 2.25+), FreeBSD (12.0+) and
- * OpenBSD (5.6+). For OpenBSD, there does not seem to be easy to use
- * macros to test the minimum version, so we just assume that it is
- * recent enough (last version without getentropy() has gone out of
- * support in May 2015).
- *
- * Ideally we should use getentropy() on macOS (10.12+) too, but I don't
- * know how to test the exact OS version with preprocessor macros.
- *
- * TODO: enrich the list of detected system.
- */
-
-#ifndef BR_USE_URANDOM
-#if defined _AIX \
-	|| defined __ANDROID__ \
-	|| defined __FreeBSD__ \
-	|| defined __NetBSD__ \
-	|| defined __OpenBSD__ \
-	|| defined __DragonFly__ \
-	|| defined __linux__ \
-	|| (defined __sun && (defined __SVR4 || defined __svr4__)) \
-	|| (defined __APPLE__ && defined __MACH__)
-#define BR_USE_URANDOM   1
-#endif
-#endif
-
-#ifndef BR_USE_GETENTROPY
-#if (defined __linux__ \
-	&& (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 25))) \
-	|| (defined __FreeBSD__ && __FreeBSD__ >= 12) \
-	|| defined __OpenBSD__
-#define BR_USE_GETENTROPY   1
-#endif
-#endif
-
-#ifndef BR_USE_WIN32_RAND
-#if defined _WIN32 || defined _WIN64
-#define BR_USE_WIN32_RAND   1
-#endif
-#endif
-
-/*
- * POWER8 crypto support. We rely on compiler macros for the
- * architecture, since we do not have a reliable, simple way to detect
- * the required support at runtime (we could try running an opcode, and
- * trapping the exception or signal on illegal instruction, but this
- * induces some non-trivial OS dependencies that we would prefer to
- * avoid if possible).
- */
-#ifndef BR_POWER8
-#if __GNUC__ && ((_ARCH_PWR8 || _ARCH_PPC) && __CRYPTO__)
-#define BR_POWER8   1
-#endif
-#endif
-
-/*
- * Detect endinanness on POWER8.
- */
-#if BR_POWER8
-#if defined BR_POWER8_LE
-#undef BR_POWER8_BE
-#if BR_POWER8_LE
-#define BR_POWER8_BE   0
-#else
-#define BR_POWER8_BE   1
-#endif
-#elif defined BR_POWER8_BE
-#undef BR_POWER8_LE
-#if BR_POWER8_BE
-#define BR_POWER8_LE   0
-#else
-#define BR_POWER8_LE   1
-#endif
-#else
-#if __LITTLE_ENDIAN__
-#define BR_POWER8_LE   1
-#define BR_POWER8_BE   0
-#else
-#define BR_POWER8_LE   0
-#define BR_POWER8_BE   1
-#endif
-#endif
 #endif

 /*
@ -408,21 +324,11 @@
 *
 *  x86 (both 32-bit and 64-bit) is little-endian and allows unaligned
 *  accesses.
- *
- *  POWER/PowerPC allows unaligned accesses when big-endian. POWER8 and
- *  later also allow unaligned accesses when little-endian.
 */
-#if !defined BR_LE_UNALIGNED && !defined BR_BE_UNALIGNED
+#if !defined BR_LE_UNALIGNED

 #if __i386 || __i386__ || __x86_64__ || _M_IX86 || _M_X64
 #define BR_LE_UNALIGNED   1
-#elif BR_POWER8_BE
-#define BR_BE_UNALIGNED   1
-#elif BR_POWER8_LE
-#define BR_LE_UNALIGNED   1
-#elif (__powerpc__ || __powerpc64__ || _M_PPC || _ARCH_PPC || _ARCH_PPC64) \
-	&& __BIG_ENDIAN__
-#define BR_BE_UNALIGNED   1
 #endif

 #endif