void HELPER(gvec_fcmlas_idx)(void *vd, void *vn, void *vm, void *vfpst, uint32_t desc) { uintptr_t opr_sz = simd_oprsz(desc); float32 *d = vd; float32 *n = vn; float32 *m = vm; float_status *fpst = vfpst; intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1); uint32_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1); uint32_t neg_real = flip ^ neg_imag; uintptr_t i; float32 e1 = m[H4(flip)]; float32 e3 = m[H4(1 - flip)]; /* Shift boolean to the sign bit so we can xor to negate. */ neg_real <<= 31; neg_imag <<= 31; e1 ^= neg_real; e3 ^= neg_imag; for (i = 0; i < opr_sz / 4; i += 2) { float32 e2 = n[H4(i + flip)]; float32 e4 = e2; d[H4(i)] = float32_muladd(e2, e1, d[H4(i)], 0, fpst); d[H4(i + 1)] = float32_muladd(e4, e3, d[H4(i + 1)], 0, fpst); } clear_tail(d, opr_sz, simd_maxsz(desc)); }
void HELPER(gvec_fcadds)(void *vd, void *vn, void *vm, void *vfpst, uint32_t desc) { uintptr_t opr_sz = simd_oprsz(desc); float32 *d = vd; float32 *n = vn; float32 *m = vm; float_status *fpst = vfpst; uint32_t neg_real = extract32(desc, SIMD_DATA_SHIFT, 1); uint32_t neg_imag = neg_real ^ 1; uintptr_t i; /* Shift boolean to the sign bit so we can xor to negate. */ neg_real <<= 31; neg_imag <<= 31; for (i = 0; i < opr_sz / 4; i += 2) { float32 e0 = n[H4(i)]; float32 e1 = m[H4(i + 1)] ^ neg_imag; float32 e2 = n[H4(i + 1)]; float32 e3 = m[H4(i)] ^ neg_real; d[H4(i)] = float32_add(e0, e1, fpst); d[H4(i + 1)] = float32_add(e2, e3, fpst); } clear_tail(d, opr_sz, simd_maxsz(desc)); }
Molecule C2H4() { int nAtoms = 6; Eigen::Vector3d C1(0.0000000000, 0.0000000000, 1.2578920000); Eigen::Vector3d H1(0.0000000000, 1.7454620000, 2.3427160000); Eigen::Vector3d H2(0.0000000000, -1.7454620000, 2.3427160000); Eigen::Vector3d C2(0.0000000000, 0.0000000000, -1.2578920000); Eigen::Vector3d H3(0.0000000000, 1.7454620000, -2.3427160000); Eigen::Vector3d H4(0.0000000000, -1.7454620000, -2.3427160000); Eigen::MatrixXd geom(3, nAtoms); geom.col(0) = C1.transpose(); geom.col(1) = H1.transpose(); geom.col(2) = H2.transpose(); geom.col(3) = C2.transpose(); geom.col(4) = H3.transpose(); geom.col(5) = H4.transpose(); Eigen::VectorXd charges(6), masses(6); charges << 6.0, 1.0, 1.0, 6.0, 1.0, 1.0; masses << 12.00, 1.0078250, 1.0078250, 12.0, 1.0078250, 1.0078250; double radiusC = (1.70 * 1.20) / convertBohrToAngstrom; double radiusH = (1.20 * 1.20) / convertBohrToAngstrom; std::vector<Atom> atoms; atoms.push_back( Atom("Carbon", "C", charges(0), masses(0), radiusC, C1, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(1), masses(1), radiusH, H1, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(2), masses(2), radiusH, H2, 1.0) ); atoms.push_back( Atom("Carbon", "C", charges(3), masses(3), radiusC, C2, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(4), masses(4), radiusH, H3, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(5), masses(5), radiusH, H4, 1.0) ); std::vector<Sphere> spheres; Sphere sph1(C1, radiusC); Sphere sph2(H1, radiusH); Sphere sph3(H2, radiusH); Sphere sph4(C2, radiusC); Sphere sph5(H3, radiusH); Sphere sph6(H4, radiusH); spheres.push_back(sph1); spheres.push_back(sph2); spheres.push_back(sph3); spheres.push_back(sph4); spheres.push_back(sph5); spheres.push_back(sph6); // D2h as generated by Oxy, Oxz, Oyz Symmetry pGroup = buildGroup(3, 4, 2, 1); return Molecule(nAtoms, charges, masses, geom, atoms, spheres, pGroup); };
static inline void fix_endians(apacket *p) { p->msg.command = H4(p->msg.command); p->msg.arg0 = H4(p->msg.arg0); p->msg.arg1 = H4(p->msg.arg1); p->msg.data_length = H4(p->msg.data_length); p->msg.data_check = H4(p->msg.data_check); p->msg.magic = H4(p->msg.magic); }
int PackTmt::readFileHeader() { #define H(x) get_le16(h+2*(x)) #define H4(x) get_le32(h+(x)) unsigned char h[0x40]; int ic; unsigned exe_offset = 0; adam_offset = 0; for (ic = 0; ic < 20; ic++) { fi->seek(adam_offset,SEEK_SET); fi->readx(h,sizeof(h)); if (memcmp(h,"MZ",2) == 0) // dos exe { exe_offset = adam_offset; adam_offset += H(2)*512+H(1); if (H(1)) adam_offset -= 512; if (H(0x18/2) == 0x40 && H4(0x3c)) adam_offset = H4(0x3c); } else if (memcmp(h,"BW",2) == 0) adam_offset += H(2)*512+H(1); else if (memcmp(h,"PMW1",4) == 0) { fi->seek(adam_offset + H4(0x18),SEEK_SET); adam_offset += H4(0x24); int objs = H4(0x1c); while (objs--) { fi->readx(h,0x18); adam_offset += H4(4); } } else if (memcmp(h,"LE",2) == 0) { // + (memory_pages-1)*memory_page_size+bytes_on_last_page unsigned offs = exe_offset + (H4(0x14) - 1) * H4(0x28) + H4(0x2c); fi->seek(adam_offset+0x80,SEEK_SET); fi->readx(h,4); // + data_pages_offset adam_offset = offs + H4(0); } else if (memcmp(h,"Adam",4) == 0) break; else return 0; } if (ic == 20) return 0; fi->seek(adam_offset,SEEK_SET); fi->readx(&ih,sizeof(ih)); // FIXME: should add some checks for the values in 'ih' return UPX_F_TMT_ADAM; #undef H4 #undef H }
static int get_hash_4(int index) { H4(crypt_out[index]); }
static int binary_hash_4(void *binary) { H4((char *)binary); }
unsigned host_to_le32(unsigned n) { return H4(n); }
Molecule C6H6() { int nAtoms = 12; // These are in Angstrom Eigen::Vector3d C1(5.274, 1.999, -8.568); Eigen::Vector3d C2(6.627, 2.018, -8.209); Eigen::Vector3d C3(7.366, 0.829, -8.202); Eigen::Vector3d C4(6.752, -0.379, -8.554); Eigen::Vector3d C5(5.399, -0.398, -8.912); Eigen::Vector3d C6(4.660, 0.791, -8.919); Eigen::Vector3d H1(4.704, 2.916, -8.573); Eigen::Vector3d H2(7.101, 2.950, -7.938); Eigen::Vector3d H3(8.410, 0.844, -7.926); Eigen::Vector3d H4(7.322, -1.296, -8.548); Eigen::Vector3d H5(4.925, -1.330, -9.183); Eigen::Vector3d H6(3.616, 0.776, -9.196); // Scale C1 /= convertBohrToAngstrom; C2 /= convertBohrToAngstrom; C3 /= convertBohrToAngstrom; C4 /= convertBohrToAngstrom; C5 /= convertBohrToAngstrom; C6 /= convertBohrToAngstrom; H1 /= convertBohrToAngstrom; H2 /= convertBohrToAngstrom; H3 /= convertBohrToAngstrom; H4 /= convertBohrToAngstrom; H5 /= convertBohrToAngstrom; H6 /= convertBohrToAngstrom; Eigen::MatrixXd geom(3, nAtoms); geom.col(0) = C1.transpose(); geom.col(1) = C2.transpose(); geom.col(2) = C3.transpose(); geom.col(3) = C4.transpose(); geom.col(4) = C5.transpose(); geom.col(5) = C6.transpose(); geom.col(6) = H1.transpose(); geom.col(7) = H2.transpose(); geom.col(8) = H3.transpose(); geom.col(9) = H4.transpose(); geom.col(10) = H5.transpose(); geom.col(11) = H6.transpose(); Eigen::VectorXd charges(12), masses(12); charges << 6.0, 6.0, 6.0, 6.0, 6.0, 6.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0; masses << 12.00, 12.0, 12.0, 12.0, 12.0, 12.0, 1.0078250, 1.0078250, 1.0078250, 1.0078250, 1.0078250, 1.0078250; double radiusC = 1.70 / convertBohrToAngstrom; double radiusH = 1.20 / convertBohrToAngstrom; std::vector<Atom> atoms; atoms.push_back( Atom("Carbon", "C", charges(0), masses(0), radiusC, C1, 1.0) ); atoms.push_back( Atom("Carbon", "C", charges(1), masses(1), radiusC, C2, 1.0) ); atoms.push_back( Atom("Carbon", "C", charges(2), masses(2), radiusC, C3, 1.0) ); atoms.push_back( Atom("Carbon", "C", charges(3), masses(3), radiusC, C4, 1.0) ); atoms.push_back( Atom("Carbon", "C", charges(4), masses(4), radiusC, C5, 1.0) ); atoms.push_back( Atom("Carbon", "C", charges(5), masses(5), radiusC, C6, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(6), masses(6), radiusH, H1, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(7), masses(7), radiusH, H2, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(8), masses(8), radiusH, H3, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(9), masses(9), radiusH, H4, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(10), masses(10), radiusH, H5, 1.0) ); atoms.push_back( Atom("Hydrogen", "H", charges(11), masses(11), radiusH, H6, 1.0) ); std::vector<Sphere> spheres; Sphere sph1(C1, radiusC); Sphere sph2(C2, radiusC); Sphere sph3(C3, radiusC); Sphere sph4(C4, radiusC); Sphere sph5(C5, radiusC); Sphere sph6(C6, radiusC); Sphere sph7(H1, radiusH); Sphere sph8(H2, radiusH); Sphere sph9(H3, radiusH); Sphere sph10(H4, radiusH); Sphere sph11(H5, radiusH); Sphere sph12(H6, radiusH); spheres.push_back(sph1); spheres.push_back(sph2); spheres.push_back(sph3); spheres.push_back(sph4); spheres.push_back(sph5); spheres.push_back(sph6); spheres.push_back(sph7); spheres.push_back(sph8); spheres.push_back(sph9); spheres.push_back(sph10); spheres.push_back(sph11); spheres.push_back(sph12); // D2h as generated by Oxy, Oxz, Oyz Symmetry pGroup = buildGroup(0, 0, 0, 0); return Molecule(nAtoms, charges, masses, geom, atoms, spheres, pGroup); };
static int get_hash_4(int index) { H4(buffer[index].out); }
void tSecureStream::m_setupClient(const tRSA& rsa, string appGreeting) { // This block is protected by constant timing in case // there is a man-in-the-middle who is causing the client // connection to fail over-and-over and analysing the time // it takes for the client to re-start the connection. // This block prevents info from being leaked about the // particular pre_secret that is being used by the current // connection attempt. vector<u8> rand_c, pre_secret, enc; { tConstTimeBlock ctb(&gClientInitTimingHistory); // Generate the client random vector. rand_c = s_genRand(kRandVectLen); // Generate the pre-secret random vector. pre_secret = s_genRand(kPreSecretLen); // Encrypt the pre-secret under the server's RSA public key. enc = rsa.encrypt(pre_secret); } // Send all this to the server. pack(m_internal_writable, kLibrhoGreeting); pack(m_internal_writable, appGreeting); pack(m_internal_writable, rand_c); pack(m_internal_writable, enc); s_flush(m_internal_writable); // Read the greeting from the server. // We don't care if timing info is leaked here // because 'kSuccessfulGreeting' is not a secret. string greetingResponse; try { unpack(m_internal_readable, greetingResponse, (u32)(std::max(kSuccessfulGreeting.length(), kFailedGreeting.length()))); } catch (ebObject& e) { throw eRuntimeError("The secure server didn't reply with its greeting."); } if (greetingResponse != kSuccessfulGreeting) throw eRuntimeError("The secure server sent a failure greeting."); // Read the random server bytes. // Again, we don't care about leaking timing info here. vector<u8> rand_s; try { unpack(m_internal_readable, rand_s, kRandVectLen); } catch (ebObject& e) { throw eRuntimeError("The secure server sent a random vector of the wrong length."); } if (rand_s.size() != kRandVectLen) throw eRuntimeError("The secure server sent a random vector of the wrong length."); // Another const timing block. vector<u8> secret, fPrime, g; { tConstTimeBlock ctb(&gClientProcessResponseTimingHistory); // Calculated the shared secret (from the pre-secret). secret = H1(pre_secret, rand_c, rand_s); // Calculate the correct response from the server. fPrime = H2(secret, rand_c, rand_s); // Calculate the proof-of-client. g = H3(secret, rand_c, rand_s); } // Read the proof-of-server hash. vector<u8> f; try { unpack(m_internal_readable, f, (u32)fPrime.size()); } catch (ebObject& e) { throw eRuntimeError("The secure server failed to verify itself."); } if (!s_constTimeIsEqual(f, fPrime)) throw eRuntimeError("The secure server failed to verify itself."); // Send the proof-of-client. (That is, prove we are not just replaying some other connection.) pack(m_internal_writable, g); s_flush(m_internal_writable); // Setup secure streams with the server. vector<u8> ksw = H4(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Server Writer vector<u8> kcw = H5(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Client Writer m_readable = new tReadableAES(m_internal_readable, kOpModeCBC, &ksw[0], s_toKeyLen(ksw.size())); m_writable = new tWritableAES(m_internal_writable, kOpModeCBC, &kcw[0], s_toKeyLen(kcw.size())); }
void tSecureStream::m_setupServer(const tRSA& rsa, string appGreeting) { // Read the greeting (part 1) from the client. // Note: The following DOES leak timing information, but we don't // care because 'kLibrhoGreeting' isn't a secret. string receivedLibrhoGreeting; try { unpack(m_internal_readable, receivedLibrhoGreeting, (u32)kLibrhoGreeting.size()); } catch (ebObject& e) { s_failConnection(m_internal_writable, "The secure client did not greet me properly."); } if (receivedLibrhoGreeting != kLibrhoGreeting) s_failConnection(m_internal_writable, "The secure client did not greet me properly."); // Read the greeting (part 2) from the client. // Note: The following DOES leak timing information, but we don't // care because 'appGreeting' isn't a secret. string receivedAppGreeting; try { unpack(m_internal_readable, receivedAppGreeting, (u32)appGreeting.size()); } catch (ebObject& e) { s_failConnection(m_internal_writable, "The secure client requested a different application."); } if (receivedAppGreeting != appGreeting) s_failConnection(m_internal_writable, "The secure client requested a different application."); // Read the client's random bytes. // Again, we don't care about the leaked info here because the correct // random vector length is not a secret. vector<u8> rand_c; try { unpack(m_internal_readable, rand_c, kRandVectLen); } catch (ebObject& e) { s_failConnection(m_internal_writable, "The secure client sent a random byte vector of the wrong length."); } if (rand_c.size() != kRandVectLen) s_failConnection(m_internal_writable, "The secure client sent a random byte vector of the wrong length."); // Read the encrypted pre-secret from the client. // (No info is leaked by this section.) vector<u8> enc; try { unpack(m_internal_readable, enc, rsa.maxMessageLength()+5); } catch (ebObject& e) { s_failConnection(m_internal_writable, "The secure client failed to send an encrypted pre-secret."); } // Now that the server has read everything from the client, it // will do some calculations. // We will protect this section with a const time block to // protect against timing side-channel attacks. vector<u8> pre_secret, rand_s, secret, f, gPrime; { // This object is constructed in this code block, and it // will be destructed when this block ends. The d'tor of // this class calls sleep() in order to enforce consistent // timing of the execution of this block. tConstTimeBlock ctb(&gServerProcessGreetingTimingHistory); // Decrypt the pre-secret and make sure it looks okay. pre_secret = rsa.decrypt(enc); if (pre_secret.size() != kPreSecretLen) s_failConnection(m_internal_writable, "The secure client gave a pre-secret that is the wrong length."); // Generate the server random byte vector. rand_s = s_genRand(kRandVectLen); // Calculated the shared secret (from the pre-secret). secret = H1(pre_secret, rand_c, rand_s); // Calculate the proof-of-server hash. (The convinces the client that we are the actual server.) f = H2(secret, rand_c, rand_s); // Calculate what the client correct response would be. gPrime = H3(secret, rand_c, rand_s); } // Write back to the client all this stuff. pack(m_internal_writable, kSuccessfulGreeting); pack(m_internal_writable, rand_s); pack(m_internal_writable, f); s_flush(m_internal_writable); // Have the client prove that it is a real client, not a reply attack. vector<u8> g; try { unpack(m_internal_readable, g, (u32)gPrime.size()); } catch (ebObject& e) { throw eRuntimeError("The secure client failed to show proof that it is real."); } if (!s_constTimeIsEqual(g, gPrime)) throw eRuntimeError("The secure client failed to show proof that it is real."); // Setup secure streams with the client. vector<u8> ksw = H4(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Server Writer vector<u8> kcw = H5(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Client Writer m_readable = new tReadableAES(m_internal_readable, kOpModeCBC, &kcw[0], s_toKeyLen(kcw.size())); m_writable = new tWritableAES(m_internal_writable, kOpModeCBC, &ksw[0], s_toKeyLen(ksw.size())); }