From 7bb3943467cadf35b20995d35beaa537e8634919 Mon Sep 17 00:00:00 2001 From: UnknownShadow200 Date: Fri, 22 Aug 2025 07:20:51 +1000 Subject: [PATCH] BearSSL: Remove some unneeded defines --- third_party/bearssl/config.h | 71 +------------------- third_party/bearssl/inner.h | 122 ++++------------------------------- 2 files changed, 17 insertions(+), 176 deletions(-) diff --git a/third_party/bearssl/config.h b/third_party/bearssl/config.h index 3ef9dbf20..b12d3dca9 100644 --- a/third_party/bearssl/config.h +++ b/third_party/bearssl/config.h @@ -35,18 +35,11 @@ /* The x86 intrinsics seem to be incomplete compared to what aes_x86ni expects when compiling with NXDK */ #ifdef NXDK -#define BR_AES_X86NI 0 -#define BR_ENABLE_INTRINSICS 0 -#define BR_SSE2 0 -#define BR_RDRAND 0 -#undef _WIN32 + #define BR_AES_X86NI 0 + #define BR_ENABLE_INTRINSICS 0 + #define BR_SSE2 0 #endif -/* Rely on ClassiCube's implementation for RNG */ -#define BR_USE_WIN32_RAND 0 -#define BR_USE_URANDOM 0 -#define BR_USE_GETENTROPY 0 - /* intrin.h doesn't exist in older TinyC */ #if defined __TINYC__ #define BR_INT128 0 @@ -107,54 +100,6 @@ #define BR_NO_ARITH_SHIFT 1 */ -/* - * When BR_RDRAND is enabled, the SSL engine will use the RDRAND opcode - * to automatically obtain quality randomness for seeding its internal - * PRNG. Since that opcode is present only in recent x86 CPU, its - * support is dynamically tested; if the current CPU does not support - * it, then another random source will be used, such as /dev/urandom or - * CryptGenRandom(). - * -#define BR_RDRAND 1 - */ - -/* - * When BR_USE_GETENTROPY is enabled, the SSL engine will use the - * getentropy() function to obtain quality randomness for seeding its - * internal PRNG. On Linux and FreeBSD, getentropy() is implemented by - * the standard library with the system call getrandom(); on OpenBSD, - * getentropy() is the system call, and there is no getrandom() wrapper, - * hence the use of the getentropy() function for maximum portability. - * - * If the getentropy() call fails, and BR_USE_URANDOM is not explicitly - * disabled, then /dev/urandom will be used as a fallback mechanism. On - * FreeBSD and OpenBSD, this does not change much, since /dev/urandom - * will block if not enough entropy has been obtained since last boot. - * On Linux, /dev/urandom might not block, which can be troublesome in - * early boot stages, which is why getentropy() is preferred. - * -#define BR_USE_GETENTROPY 1 - */ - -/* - * When BR_USE_URANDOM is enabled, the SSL engine will use /dev/urandom - * to automatically obtain quality randomness for seeding its internal - * PRNG. - * -#define BR_USE_URANDOM 1 - */ - -/* - * When BR_USE_WIN32_RAND is enabled, the SSL engine will use the Win32 - * (CryptoAPI) functions (CryptAcquireContext(), CryptGenRandom()...) to - * automatically obtain quality randomness for seeding its internal PRNG. - * - * Note: if both BR_USE_URANDOM and BR_USE_WIN32_RAND are defined, the - * former takes precedence. - * -#define BR_USE_WIN32_RAND 1 - */ - /* * When BR_ARMEL_CORTEXM_GCC is enabled, some operations are replaced with * inline assembly which is shorter and/or faster. This should be used @@ -190,16 +135,6 @@ #define BR_SSE2 1 */ -/* - * When BR_POWER8 is enabled, the AES implementation using the POWER ISA - * 2.07 opcodes (available on POWER8 processors and later) is compiled. - * If this is not enabled explicitly, then that implementation will be - * compiled only if a compatible compiler is detected, _and_ the target - * architecture is POWER8 or later. - * -#define BR_POWER8 1 - */ - /* * When BR_INT128 is enabled, then code using the 'unsigned __int64' * and 'unsigned __int128' types will be used to leverage 64x64->128 diff --git a/third_party/bearssl/inner.h b/third_party/bearssl/inner.h index 3cc6b4c09..b9a80eb49 100644 --- a/third_party/bearssl/inner.h +++ b/third_party/bearssl/inner.h @@ -290,106 +290,22 @@ #endif /* - * RDRAND intrinsics are available on x86 (32-bit and 64-bit) with - * GCC 4.6+, Clang 3.7+ and MSC 2012+. + * Detect support for unaligned accesses with known endianness. + * + * x86 (both 32-bit and 64-bit) is little-endian and allows unaligned + * accesses. + * + * POWER/PowerPC allows unaligned accesses when big-endian. */ -#ifndef BR_RDRAND -#if (BR_i386 || BR_amd64) && (BR_GCC_4_6 || BR_CLANG_3_7 || BR_MSC_2012) -#define BR_RDRAND 1 -#endif +#if !defined BR_LE_UNALIGNED && !defined BR_BE_UNALIGNED + +#if __i386 || __i386__ || __x86_64__ || _M_IX86 || _M_X64 +#define BR_LE_UNALIGNED 1 +#elif (__powerpc__ || __powerpc64__ || _M_PPC || _ARCH_PPC || _ARCH_PPC64) \ + && __BIG_ENDIAN__ +#define BR_BE_UNALIGNED 1 #endif -/* - * Determine type of OS for random number generation. Macro names and - * values are documented on: - * https://sourceforge.net/p/predef/wiki/OperatingSystems/ - * - * Win32's CryptGenRandom() should be available on Windows systems. - * - * /dev/urandom should work on all Unix-like systems (including macOS X). - * - * getentropy() is present on Linux (Glibc 2.25+), FreeBSD (12.0+) and - * OpenBSD (5.6+). For OpenBSD, there does not seem to be easy to use - * macros to test the minimum version, so we just assume that it is - * recent enough (last version without getentropy() has gone out of - * support in May 2015). - * - * Ideally we should use getentropy() on macOS (10.12+) too, but I don't - * know how to test the exact OS version with preprocessor macros. - * - * TODO: enrich the list of detected system. - */ - -#ifndef BR_USE_URANDOM -#if defined _AIX \ - || defined __ANDROID__ \ - || defined __FreeBSD__ \ - || defined __NetBSD__ \ - || defined __OpenBSD__ \ - || defined __DragonFly__ \ - || defined __linux__ \ - || (defined __sun && (defined __SVR4 || defined __svr4__)) \ - || (defined __APPLE__ && defined __MACH__) -#define BR_USE_URANDOM 1 -#endif -#endif - -#ifndef BR_USE_GETENTROPY -#if (defined __linux__ \ - && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 25))) \ - || (defined __FreeBSD__ && __FreeBSD__ >= 12) \ - || defined __OpenBSD__ -#define BR_USE_GETENTROPY 1 -#endif -#endif - -#ifndef BR_USE_WIN32_RAND -#if defined _WIN32 || defined _WIN64 -#define BR_USE_WIN32_RAND 1 -#endif -#endif - -/* - * POWER8 crypto support. We rely on compiler macros for the - * architecture, since we do not have a reliable, simple way to detect - * the required support at runtime (we could try running an opcode, and - * trapping the exception or signal on illegal instruction, but this - * induces some non-trivial OS dependencies that we would prefer to - * avoid if possible). - */ -#ifndef BR_POWER8 -#if __GNUC__ && ((_ARCH_PWR8 || _ARCH_PPC) && __CRYPTO__) -#define BR_POWER8 1 -#endif -#endif - -/* - * Detect endinanness on POWER8. - */ -#if BR_POWER8 -#if defined BR_POWER8_LE -#undef BR_POWER8_BE -#if BR_POWER8_LE -#define BR_POWER8_BE 0 -#else -#define BR_POWER8_BE 1 -#endif -#elif defined BR_POWER8_BE -#undef BR_POWER8_LE -#if BR_POWER8_BE -#define BR_POWER8_LE 0 -#else -#define BR_POWER8_LE 1 -#endif -#else -#if __LITTLE_ENDIAN__ -#define BR_POWER8_LE 1 -#define BR_POWER8_BE 0 -#else -#define BR_POWER8_LE 0 -#define BR_POWER8_BE 1 -#endif -#endif #endif /* @@ -408,21 +324,11 @@ * * x86 (both 32-bit and 64-bit) is little-endian and allows unaligned * accesses. - * - * POWER/PowerPC allows unaligned accesses when big-endian. POWER8 and - * later also allow unaligned accesses when little-endian. */ -#if !defined BR_LE_UNALIGNED && !defined BR_BE_UNALIGNED +#if !defined BR_LE_UNALIGNED #if __i386 || __i386__ || __x86_64__ || _M_IX86 || _M_X64 #define BR_LE_UNALIGNED 1 -#elif BR_POWER8_BE -#define BR_BE_UNALIGNED 1 -#elif BR_POWER8_LE -#define BR_LE_UNALIGNED 1 -#elif (__powerpc__ || __powerpc64__ || _M_PPC || _ARCH_PPC || _ARCH_PPC64) \ - && __BIG_ENDIAN__ -#define BR_BE_UNALIGNED 1 #endif #endif