| alignment_buffer.h |
Defines the strategy for handling the final block of input data in the
handle_unaligned_data() method of the AlignmentBuffer<>.
- is_not_special: the final block is treated like any other block
- must_be_deferred: the final block is not emitted while bulk processing (typically add_data())
but is deferred until manually consumed (typically final_result())
The AlignmentBuffer<> assumes data to be "the final block" if no further
input data is available in the BufferSlicer<>. This might result in some
performance overhead when using the must_be_deferred strategy.
|
9917 |
- |
| allocator.cpp |
|
1737 |
- |
| allocator.h |
Define BOTAN_MALLOC_FN
|
1411 |
- |
| api.h |
Used to annotate API exports which are public and supported.
These APIs will not be broken/removed unless strictly required for
functionality or security, and only in new major versions.
@param maj The major version this public API was released in
@param min The minor version this public API was released in
|
4441 |
- |
| assert.cpp |
|
1872 |
- |
| assert.h |
Called when an assertion fails
Throws an Exception object
|
7363 |
- |
| bit_ops.h |
If top bit of arg is set, return |1| (all bits set). Otherwise return |0| (all bits unset)
|
8963 |
- |
| bitvector |
|
|
- |
| boost |
|
|
- |
| bswap.h |
Swap the byte order of an unsigned integer
|
1673 |
- |
| buffer_slicer.h |
Helper class to ease unmarshalling of concatenated fixed-length values
|
2147 |
- |
| buffer_stuffer.h |
@brief Helper class to ease in-place marshalling of concatenated fixed-length
values.
The size of the final buffer must be known from the start, reallocations are
not performed.
|
2184 |
- |
| calendar.cpp |
Portable replacement for timegm, _mkgmtime, etc
Algorithm due to Howard Hinnant
See https://howardhinnant.github.io/date_algorithms.html#days_from_civil
for details and explanation. The code is slightly simplified by our assumption
that the date is at least 1970, which is sufficient for our purposes.
|
3177 |
- |
| calendar.h |
Struct representing a particular date and time
|
2439 |
- |
| charset.cpp |
Convert from ISO 8859-1 to UTF-8
|
5571 |
- |
| charset.h |
Convert a sequence of UCS-2 (big endian) characters to a UTF-8 string
This is used for ASN.1 BMPString type
@param ucs2 the sequence of UCS-2 characters
@param len length of ucs2 in bytes, must be a multiple of 2
|
2434 |
- |
| codec_base.h |
Perform encoding using the base provided
@param base object giving access to the encodings specifications
@param output an array of at least base.encode_max_output bytes
@param input is some binary data
@param input_length length of input in bytes
@param input_consumed is an output parameter which says how many
bytes of input were actually consumed. If less than
input_length, then the range input[consumed:length]
should be passed in later along with more input.
@param final_inputs true iff this is the last input, in which case
padding chars will be applied if needed
@return number of bytes written to output
|
6842 |
- |
| compiler.h |
Define BOTAN_COMPILER_HAS_BUILTIN
|
2168 |
- |
| concat_util.h |
Helper function that performs range size-checks as required given the
selected output and input range types. If all lengths are known at compile
time, this check will be performed at compile time as well. It will then
instantiate an output range and concatenate the input ranges' contents.
|
5396 |
- |
| concepts.h |
Helper type to indicate that a certain type should be automatically
detected based on the context.
|
2447 |
- |
| cpuid |
|
|
- |
| ct_utils.cpp |
We do not poison the input here because if we did we would have
to unpoison it at exit. We assume instead that callers have
already poisoned the input and will unpoison it at their own
time.
|
3682 |
- |
| ct_utils.h |
Use valgrind to mark the contents of memory as being undefined.
Valgrind will accept operations which manipulate undefined values,
but will warn if an undefined value is used to decided a conditional
jump or a load/store address. So if we poison all of our inputs we
can confirm that the operations in question are truly const time
when compiled by whatever compiler is in use.
Even better, the VALGRIND_MAKE_MEM_* macros work even when the
program is not run under valgrind (though with a few cycles of
overhead, which is unfortunate in final binaries as these
annotations tend to be used in fairly important loops).
This approach was first used in ctgrind (https://github.com/agl/ctgrind)
but calling the valgrind mecheck API directly works just as well and
doesn't require a custom patched valgrind.
|
26893 |
- |
| data_src.cpp |
Read a single byte from the DataSource
|
4764 |
- |
| data_src.h |
This class represents an abstract data source object.
|
6168 |
- |
| database.h |
NOLINT(*-special-member-functions) |
2543 |
- |
| donna128.h |
|
4003 |
- |
| dyn_load |
|
|
- |
| exceptn.cpp |
|
5300 |
- |
| exceptn.h |
Different types of errors that might occur
|
10489 |
- |
| filesystem.cpp |
|
3508 |
- |
| filesystem.h |
No_Filesystem_Access Exception
|
632 |
- |
| fmt.h |
Simple formatter utility.
Should be replaced with std::format once that's available on all our
supported compilers.
'{}' markers in the format string are replaced by the arguments.
Unlike std::format, there is no support for escaping or for any kind
of conversion flags.
|
1388 |
- |
| gfni_utils.h |
|
960 |
- |
| ghash |
|
|
- |
| http_util |
|
|
- |
| info.txt |
|
724 |
- |
| int_utils.h |
SWAR (SIMD within a word) byte-by-byte comparison
This individually compares each byte of the provided words.
It returns a mask which contains, for each byte, 0xFF if
the byte in @p a was less than the byte in @p b. Otherwise the
mask is 00.
This implementation assumes that the high bits of each byte
in both @p a and @p b are clear! It is possible to support the
full range of bytes, but this requires additional comparisons.
|
4479 |
- |
| isa_extn.h |
GCC and Clang use string identifiers to tag ISA extensions (eg using the
`target` function attribute).
This file consolidates the actual definition of such target attributes
|
3378 |
- |
| loadstor.h |
@file loadstor.h
@brief This header contains various helper functions to load and store
unsigned integers in big- or little-endian byte order.
Storing integer values in various ways (same for BE and LE):
@code {.cpp}
std::array<uint8_t, 8> bytes = store_le(some_uint64);
std::array<uint8_t, 12> bytes = store_le(some_uint32_1, some_uint32_2, some_uint32_3, ...);
auto bytes = store_le<std::vector<uint8_t>>(some_uint64);
auto bytes = store_le<MyContainerStrongType>(some_uint64);
auto bytes = store_le<std::vector<uint8_t>>(vector_of_ints);
auto bytes = store_le<secure_vector<uint8_t>>(some_uint32_1, some_uint32_2, some_uint32_3, ...);
store_le(bytes, some_uint64);
store_le(concatenated_bytes, some_uint64_1, some_uint64_2, some_uint64_3, ...);
store_le(concatenated_bytes, vector_of_ints);
copy_out_le(short_concated_bytes, vector_of_ints); // stores as many bytes as required in the output buffer
@endcode
Loading integer values in various ways (same for BE and LE):
@code {.cpp}
uint64_t some_uint64 = load_le(bytes_8);
auto some_int32s = load_le<std::vector<uint32_t>>(concatenated_bytes);
auto some_int32s = load_le<std::vector<MyIntStrongType>>(concatenated_bytes);
auto some_int32s = load_le(some_strong_typed_bytes);
auto strong_int = load_le<MyStrongTypedInteger>(concatenated_bytes);
load_le(concatenated_bytes, out_some_uint64);
load_le(concatenated_bytes, out_some_uint64_1, out_some_uint64_2, out_some_uint64_3, ...);
load_le(out_vector_of_ints, concatenated_bytes);
@endcode
|
30805 |
- |
| locking_allocator |
|
|
- |
| mem_ops.cpp |
|
740 |
- |
| mem_ops.h |
The header mem_ops.h previously included the contents of allocator.h
Library code should always include allocator.h to see these
declarations; however when we are not building the library continue to
include the header here to avoid breaking application code.
|
15649 |
- |
| mem_pool |
|
|
- |
| mem_utils.cpp |
Call memset through a static volatile pointer, which the compiler should
not elide. This construct should be safe in conforming compilers, but who
knows. This has been checked to generate the expected code, which saves the
memset address in the data segment and unconditionally loads and jumps to
that address, with the following targets:
x86-64: Clang 19, GCC 6, 11, 13, 14
riscv64: GCC 14
aarch64: GCC 14
armv7: GCC 14
Actually all of them generated the expected jump even without marking the
function pointer as volatile. However this seems worth including as an
additional precaution.
|
1750 |
- |
| mem_utils.h |
Zeroize memory contents in a way that a compiler should not elide,
using some system specific technique.
Use this function to scrub memory just before deallocating it, or on
a stack buffer before returning from the function.
@param ptr a pointer to memory to scrub
@param n the number of bytes pointed to by ptr
|
2151 |
- |
| mul128.h |
Perform a 64x64->128 bit multiplication
|
1952 |
- |
| mutex.h |
|
1075 |
- |
| os_utils |
|
|
- |
| parsing.cpp |
Parse a SCAN-style algorithm name
|
11959 |
- |
| parsing.h |
Parse a SCAN-style algorithm name
@param scan_name the name
@return the name components
|
2702 |
- |
| poly_dbl |
|
|
- |
| prefetch.cpp |
The combiner variable is initialized with 1, and we accumulate using OR, so
now combiner must be a value other than zero. This being the case we will
always return zero here. Hopefully the compiler will not figure this out.
|
1316 |
- |
| prefetch.h |
Prefetch an array
This function returns a uint64_t which is accumulated from values
read from the array. This may help confuse the compiler sufficiently
to not elide otherwise "useless" reads. The return value will always
be zero.
|
1015 |
- |
| range_concepts.h |
Models a std::ranges::contiguous_range that (optionally) restricts its
value_type to ValueT. In other words: a stretch of contiguous memory of
a certain type (optional ValueT).
|
4025 |
- |
| read_cfg.cpp |
|
1433 |
- |
| read_kv.cpp |
|
1756 |
- |
| rotate.h |
Bit rotation left by a compile-time constant amount
@param input the input word
@return input rotated left by ROT bits
|
2219 |
- |
| rounding.h |
Integer rounding
Returns an integer z such that n <= z <= n + align_to
and z % align_to == 0
@param n an integer
@param align_to the alignment boundary
@return n rounded up to a multiple of align_to
|
887 |
- |
| scan_name.cpp |
|
3541 |
- |
| scan_name.h |
A class encapsulating a SCAN name (similar to JCE conventions)
http://www.users.zetnet.co.uk/hopwood/crypto/scan/
|
3079 |
- |
| scoped_cleanup.h |
@brief Helper class to create a RAII-style cleanup callback
Ensures that the cleanup callback given in the object's constructor is called
when the object is destroyed. Use this to ensure some cleanup code runs when
leaving the current scope.
|
1561 |
- |
| simd |
|
|
- |
| socket |
|
|
- |
| sqlite3 |
|
|
- |
| stack_scrubbing.h |
When a function definition is annotated with this macro, the compiler
generates a wrapper for the function's body to handle stack scrubbing
in the wrapper. In contrast to 'strub("at-calls")' this does not alter
the function's ABI.
It is okay to use this annotation on C++ method definitions (in *.cpp),
even if the function is a public API.
Currently this is supported on GCC 14+ only
See: https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/Common-Type-Attributes.html#index-strub-type-attribute
|
1330 |
- |
| stl_util.h |
Reduce the values of @p keys into an accumulator initialized with @p acc using
the reducer function @p reducer.
The @p reducer is a function taking the accumulator and a single key to return the
new accumulator. Keys are consecutively reduced into the accumulator.
@return the accumulator containing the reduction of @p keys
|
4735 |
- |
| strong_type.h |
Added as an additional "capability tag" to enable arithmetic operators with
plain numbers for Strong<> types that wrap a number.
|
25921 |
- |
| thread_utils |
|
|
- |
| time_utils.h |
|
1031 |
- |
| tree_hash |
|
|
- |
| types.h |
MSVC does define __cplusplus but pins it at 199711L, because "legacy".
Note: There is a compiler switch to enable standard behavior (/Zc:__cplusplus),
but we can't control that in downstream applications.
See: https://learn.microsoft.com/en-us/cpp/build/reference/zc-cplusplus
|
5707 |
- |
| uuid |
|
|
- |
| value_barrier.h |
This function returns its argument, but (if called in a non-constexpr context)
attempts to prevent the compiler from reasoning about the value or the possible
range of values. Such optimizations have a way of breaking constant time code.
The method that is use is decided at configuration time based on the target
compiler and architecture (see `ct_value_barrier` blocks in `src/build-data/cc`).
The decision can be overridden by the user with the configure.py option
`--ct-value-barrier-type=`
There are three options currently possible in the data files and with the
option:
* `asm`: Use an inline assembly expression which (currently) prevents Clang
and GCC from optimizing based on the possible value of the input expression.
* `volatile`: Launder the input through a volatile variable. This is likely
to cause significant performance regressions since the value must be
actually stored and loaded back from memory each time.
* `none`: disable constant time barriers entirely. This is used
with MSVC, which is not known to perform optimizations that break
constant time code and which does not support GCC-style inline asm.
|
2305 |
- |
| version.cpp |
Return parts of the version as integers
|
1851 |
- |
| version.h |
Get information describing the version
|
4522 |
- |