void HELPER(gvec_fcmlas_idx)(void *vd, void *vn, void *vm,
void *vfpst, uint32_t desc)
{
uintptr_t opr_sz = simd_oprsz(desc);
float32 *d = vd;
float32 *n = vn;
float32 *m = vm;
float_status *fpst = vfpst;
intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1);
uint32_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1);
uint32_t neg_real = flip ^ neg_imag;
uintptr_t i;
float32 e1 = m[H4(flip)];
float32 e3 = m[H4(1 - flip)];
/* Shift boolean to the sign bit so we can xor to negate. */
neg_real <<= 31;
neg_imag <<= 31;
e1 ^= neg_real;
e3 ^= neg_imag;
for (i = 0; i < opr_sz / 4; i += 2) {
float32 e2 = n[H4(i + flip)];
float32 e4 = e2;
d[H4(i)] = float32_muladd(e2, e1, d[H4(i)], 0, fpst);
d[H4(i + 1)] = float32_muladd(e4, e3, d[H4(i + 1)], 0, fpst);
}
clear_tail(d, opr_sz, simd_maxsz(desc));
}
void HELPER(gvec_fcadds)(void *vd, void *vn, void *vm,
void *vfpst, uint32_t desc)
{
uintptr_t opr_sz = simd_oprsz(desc);
float32 *d = vd;
float32 *n = vn;
float32 *m = vm;
float_status *fpst = vfpst;
uint32_t neg_real = extract32(desc, SIMD_DATA_SHIFT, 1);
uint32_t neg_imag = neg_real ^ 1;
uintptr_t i;
/* Shift boolean to the sign bit so we can xor to negate. */
neg_real <<= 31;
neg_imag <<= 31;
for (i = 0; i < opr_sz / 4; i += 2) {
float32 e0 = n[H4(i)];
float32 e1 = m[H4(i + 1)] ^ neg_imag;
float32 e2 = n[H4(i + 1)];
float32 e3 = m[H4(i)] ^ neg_real;
d[H4(i)] = float32_add(e0, e1, fpst);
d[H4(i + 1)] = float32_add(e2, e3, fpst);
}
clear_tail(d, opr_sz, simd_maxsz(desc));
}
Molecule C2H4()
{
int nAtoms = 6;
Eigen::Vector3d C1(0.0000000000, 0.0000000000, 1.2578920000);
Eigen::Vector3d H1(0.0000000000, 1.7454620000, 2.3427160000);
Eigen::Vector3d H2(0.0000000000, -1.7454620000, 2.3427160000);
Eigen::Vector3d C2(0.0000000000, 0.0000000000, -1.2578920000);
Eigen::Vector3d H3(0.0000000000, 1.7454620000, -2.3427160000);
Eigen::Vector3d H4(0.0000000000, -1.7454620000, -2.3427160000);
Eigen::MatrixXd geom(3, nAtoms);
geom.col(0) = C1.transpose();
geom.col(1) = H1.transpose();
geom.col(2) = H2.transpose();
geom.col(3) = C2.transpose();
geom.col(4) = H3.transpose();
geom.col(5) = H4.transpose();
Eigen::VectorXd charges(6), masses(6);
charges << 6.0, 1.0, 1.0, 6.0, 1.0, 1.0;
masses << 12.00, 1.0078250, 1.0078250, 12.0, 1.0078250, 1.0078250;
double radiusC = (1.70 * 1.20) / convertBohrToAngstrom;
double radiusH = (1.20 * 1.20) / convertBohrToAngstrom;
std::vector<Atom> atoms;
atoms.push_back( Atom("Carbon", "C", charges(0), masses(0), radiusC, C1, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(1), masses(1), radiusH, H1, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(2), masses(2), radiusH, H2, 1.0) );
atoms.push_back( Atom("Carbon", "C", charges(3), masses(3), radiusC, C2, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(4), masses(4), radiusH, H3, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(5), masses(5), radiusH, H4, 1.0) );
std::vector<Sphere> spheres;
Sphere sph1(C1, radiusC);
Sphere sph2(H1, radiusH);
Sphere sph3(H2, radiusH);
Sphere sph4(C2, radiusC);
Sphere sph5(H3, radiusH);
Sphere sph6(H4, radiusH);
spheres.push_back(sph1);
spheres.push_back(sph2);
spheres.push_back(sph3);
spheres.push_back(sph4);
spheres.push_back(sph5);
spheres.push_back(sph6);
// D2h as generated by Oxy, Oxz, Oyz
Symmetry pGroup = buildGroup(3, 4, 2, 1);
return Molecule(nAtoms, charges, masses, geom, atoms, spheres, pGroup);
};
static inline void fix_endians(apacket *p) {
p->msg.command = H4(p->msg.command);
p->msg.arg0 = H4(p->msg.arg0);
p->msg.arg1 = H4(p->msg.arg1);
p->msg.data_length = H4(p->msg.data_length);
p->msg.data_check = H4(p->msg.data_check);
p->msg.magic = H4(p->msg.magic);
}
int PackTmt::readFileHeader()
{
#define H(x) get_le16(h+2*(x))
#define H4(x) get_le32(h+(x))
unsigned char h[0x40];
int ic;
unsigned exe_offset = 0;
adam_offset = 0;
for (ic = 0; ic < 20; ic++)
{
fi->seek(adam_offset,SEEK_SET);
fi->readx(h,sizeof(h));
if (memcmp(h,"MZ",2) == 0) // dos exe
{
exe_offset = adam_offset;
adam_offset += H(2)*512+H(1);
if (H(1))
adam_offset -= 512;
if (H(0x18/2) == 0x40 && H4(0x3c))
adam_offset = H4(0x3c);
}
else if (memcmp(h,"BW",2) == 0)
adam_offset += H(2)*512+H(1);
else if (memcmp(h,"PMW1",4) == 0)
{
fi->seek(adam_offset + H4(0x18),SEEK_SET);
adam_offset += H4(0x24);
int objs = H4(0x1c);
while (objs--)
{
fi->readx(h,0x18);
adam_offset += H4(4);
}
}
else if (memcmp(h,"LE",2) == 0)
{
// + (memory_pages-1)*memory_page_size+bytes_on_last_page
unsigned offs = exe_offset + (H4(0x14) - 1) * H4(0x28) + H4(0x2c);
fi->seek(adam_offset+0x80,SEEK_SET);
fi->readx(h,4);
// + data_pages_offset
adam_offset = offs + H4(0);
}
else if (memcmp(h,"Adam",4) == 0)
break;
else
return 0;
}
if (ic == 20)
return 0;
fi->seek(adam_offset,SEEK_SET);
fi->readx(&ih,sizeof(ih));
// FIXME: should add some checks for the values in 'ih'
return UPX_F_TMT_ADAM;
#undef H4
#undef H
}
static int get_hash_4(int index)
{
H4(crypt_out[index]);
}
static int binary_hash_4(void *binary)
{
H4((char *)binary);
}
unsigned host_to_le32(unsigned n)
{
return H4(n);
}
Molecule C6H6()
{
int nAtoms = 12;
// These are in Angstrom
Eigen::Vector3d C1(5.274, 1.999, -8.568);
Eigen::Vector3d C2(6.627, 2.018, -8.209);
Eigen::Vector3d C3(7.366, 0.829, -8.202);
Eigen::Vector3d C4(6.752, -0.379, -8.554);
Eigen::Vector3d C5(5.399, -0.398, -8.912);
Eigen::Vector3d C6(4.660, 0.791, -8.919);
Eigen::Vector3d H1(4.704, 2.916, -8.573);
Eigen::Vector3d H2(7.101, 2.950, -7.938);
Eigen::Vector3d H3(8.410, 0.844, -7.926);
Eigen::Vector3d H4(7.322, -1.296, -8.548);
Eigen::Vector3d H5(4.925, -1.330, -9.183);
Eigen::Vector3d H6(3.616, 0.776, -9.196);
// Scale
C1 /= convertBohrToAngstrom;
C2 /= convertBohrToAngstrom;
C3 /= convertBohrToAngstrom;
C4 /= convertBohrToAngstrom;
C5 /= convertBohrToAngstrom;
C6 /= convertBohrToAngstrom;
H1 /= convertBohrToAngstrom;
H2 /= convertBohrToAngstrom;
H3 /= convertBohrToAngstrom;
H4 /= convertBohrToAngstrom;
H5 /= convertBohrToAngstrom;
H6 /= convertBohrToAngstrom;
Eigen::MatrixXd geom(3, nAtoms);
geom.col(0) = C1.transpose();
geom.col(1) = C2.transpose();
geom.col(2) = C3.transpose();
geom.col(3) = C4.transpose();
geom.col(4) = C5.transpose();
geom.col(5) = C6.transpose();
geom.col(6) = H1.transpose();
geom.col(7) = H2.transpose();
geom.col(8) = H3.transpose();
geom.col(9) = H4.transpose();
geom.col(10) = H5.transpose();
geom.col(11) = H6.transpose();
Eigen::VectorXd charges(12), masses(12);
charges << 6.0, 6.0, 6.0, 6.0, 6.0, 6.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0;
masses << 12.00, 12.0, 12.0, 12.0, 12.0, 12.0, 1.0078250, 1.0078250, 1.0078250,
1.0078250, 1.0078250, 1.0078250;
double radiusC = 1.70 / convertBohrToAngstrom;
double radiusH = 1.20 / convertBohrToAngstrom;
std::vector<Atom> atoms;
atoms.push_back( Atom("Carbon", "C", charges(0), masses(0), radiusC, C1, 1.0) );
atoms.push_back( Atom("Carbon", "C", charges(1), masses(1), radiusC, C2, 1.0) );
atoms.push_back( Atom("Carbon", "C", charges(2), masses(2), radiusC, C3, 1.0) );
atoms.push_back( Atom("Carbon", "C", charges(3), masses(3), radiusC, C4, 1.0) );
atoms.push_back( Atom("Carbon", "C", charges(4), masses(4), radiusC, C5, 1.0) );
atoms.push_back( Atom("Carbon", "C", charges(5), masses(5), radiusC, C6, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(6), masses(6), radiusH, H1, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(7), masses(7), radiusH, H2, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(8), masses(8), radiusH, H3, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(9), masses(9), radiusH, H4, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(10), masses(10), radiusH, H5, 1.0) );
atoms.push_back( Atom("Hydrogen", "H", charges(11), masses(11), radiusH, H6, 1.0) );
std::vector<Sphere> spheres;
Sphere sph1(C1, radiusC);
Sphere sph2(C2, radiusC);
Sphere sph3(C3, radiusC);
Sphere sph4(C4, radiusC);
Sphere sph5(C5, radiusC);
Sphere sph6(C6, radiusC);
Sphere sph7(H1, radiusH);
Sphere sph8(H2, radiusH);
Sphere sph9(H3, radiusH);
Sphere sph10(H4, radiusH);
Sphere sph11(H5, radiusH);
Sphere sph12(H6, radiusH);
spheres.push_back(sph1);
spheres.push_back(sph2);
spheres.push_back(sph3);
spheres.push_back(sph4);
spheres.push_back(sph5);
spheres.push_back(sph6);
spheres.push_back(sph7);
spheres.push_back(sph8);
spheres.push_back(sph9);
spheres.push_back(sph10);
spheres.push_back(sph11);
spheres.push_back(sph12);
// D2h as generated by Oxy, Oxz, Oyz
Symmetry pGroup = buildGroup(0, 0, 0, 0);
return Molecule(nAtoms, charges, masses, geom, atoms, spheres, pGroup);
};
static int get_hash_4(int index)
{
H4(buffer[index].out);
}
void tSecureStream::m_setupClient(const tRSA& rsa, string appGreeting)
{
// This block is protected by constant timing in case
// there is a man-in-the-middle who is causing the client
// connection to fail over-and-over and analysing the time
// it takes for the client to re-start the connection.
// This block prevents info from being leaked about the
// particular pre_secret that is being used by the current
// connection attempt.
vector<u8> rand_c, pre_secret, enc;
{
tConstTimeBlock ctb(&gClientInitTimingHistory);
// Generate the client random vector.
rand_c = s_genRand(kRandVectLen);
// Generate the pre-secret random vector.
pre_secret = s_genRand(kPreSecretLen);
// Encrypt the pre-secret under the server's RSA public key.
enc = rsa.encrypt(pre_secret);
}
// Send all this to the server.
pack(m_internal_writable, kLibrhoGreeting);
pack(m_internal_writable, appGreeting);
pack(m_internal_writable, rand_c);
pack(m_internal_writable, enc);
s_flush(m_internal_writable);
// Read the greeting from the server.
// We don't care if timing info is leaked here
// because 'kSuccessfulGreeting' is not a secret.
string greetingResponse;
try {
unpack(m_internal_readable, greetingResponse,
(u32)(std::max(kSuccessfulGreeting.length(), kFailedGreeting.length())));
} catch (ebObject& e) {
throw eRuntimeError("The secure server didn't reply with its greeting.");
}
if (greetingResponse != kSuccessfulGreeting)
throw eRuntimeError("The secure server sent a failure greeting.");
// Read the random server bytes.
// Again, we don't care about leaking timing info here.
vector<u8> rand_s;
try {
unpack(m_internal_readable, rand_s, kRandVectLen);
} catch (ebObject& e) {
throw eRuntimeError("The secure server sent a random vector of the wrong length.");
}
if (rand_s.size() != kRandVectLen)
throw eRuntimeError("The secure server sent a random vector of the wrong length.");
// Another const timing block.
vector<u8> secret, fPrime, g;
{
tConstTimeBlock ctb(&gClientProcessResponseTimingHistory);
// Calculated the shared secret (from the pre-secret).
secret = H1(pre_secret, rand_c, rand_s);
// Calculate the correct response from the server.
fPrime = H2(secret, rand_c, rand_s);
// Calculate the proof-of-client.
g = H3(secret, rand_c, rand_s);
}
// Read the proof-of-server hash.
vector<u8> f;
try {
unpack(m_internal_readable, f, (u32)fPrime.size());
} catch (ebObject& e) {
throw eRuntimeError("The secure server failed to verify itself.");
}
if (!s_constTimeIsEqual(f, fPrime))
throw eRuntimeError("The secure server failed to verify itself.");
// Send the proof-of-client. (That is, prove we are not just replaying some other connection.)
pack(m_internal_writable, g);
s_flush(m_internal_writable);
// Setup secure streams with the server.
vector<u8> ksw = H4(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Server Writer
vector<u8> kcw = H5(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Client Writer
m_readable = new tReadableAES(m_internal_readable, kOpModeCBC,
&ksw[0], s_toKeyLen(ksw.size()));
m_writable = new tWritableAES(m_internal_writable, kOpModeCBC,
&kcw[0], s_toKeyLen(kcw.size()));
}
void tSecureStream::m_setupServer(const tRSA& rsa, string appGreeting)
{
// Read the greeting (part 1) from the client.
// Note: The following DOES leak timing information, but we don't
// care because 'kLibrhoGreeting' isn't a secret.
string receivedLibrhoGreeting;
try {
unpack(m_internal_readable, receivedLibrhoGreeting, (u32)kLibrhoGreeting.size());
} catch (ebObject& e) {
s_failConnection(m_internal_writable, "The secure client did not greet me properly.");
}
if (receivedLibrhoGreeting != kLibrhoGreeting)
s_failConnection(m_internal_writable, "The secure client did not greet me properly.");
// Read the greeting (part 2) from the client.
// Note: The following DOES leak timing information, but we don't
// care because 'appGreeting' isn't a secret.
string receivedAppGreeting;
try {
unpack(m_internal_readable, receivedAppGreeting, (u32)appGreeting.size());
} catch (ebObject& e) {
s_failConnection(m_internal_writable, "The secure client requested a different application.");
}
if (receivedAppGreeting != appGreeting)
s_failConnection(m_internal_writable, "The secure client requested a different application.");
// Read the client's random bytes.
// Again, we don't care about the leaked info here because the correct
// random vector length is not a secret.
vector<u8> rand_c;
try {
unpack(m_internal_readable, rand_c, kRandVectLen);
} catch (ebObject& e) {
s_failConnection(m_internal_writable, "The secure client sent a random byte vector of the wrong length.");
}
if (rand_c.size() != kRandVectLen)
s_failConnection(m_internal_writable, "The secure client sent a random byte vector of the wrong length.");
// Read the encrypted pre-secret from the client.
// (No info is leaked by this section.)
vector<u8> enc;
try {
unpack(m_internal_readable, enc, rsa.maxMessageLength()+5);
} catch (ebObject& e) {
s_failConnection(m_internal_writable, "The secure client failed to send an encrypted pre-secret.");
}
// Now that the server has read everything from the client, it
// will do some calculations.
// We will protect this section with a const time block to
// protect against timing side-channel attacks.
vector<u8> pre_secret, rand_s, secret, f, gPrime;
{
// This object is constructed in this code block, and it
// will be destructed when this block ends. The d'tor of
// this class calls sleep() in order to enforce consistent
// timing of the execution of this block.
tConstTimeBlock ctb(&gServerProcessGreetingTimingHistory);
// Decrypt the pre-secret and make sure it looks okay.
pre_secret = rsa.decrypt(enc);
if (pre_secret.size() != kPreSecretLen)
s_failConnection(m_internal_writable, "The secure client gave a pre-secret that is the wrong length.");
// Generate the server random byte vector.
rand_s = s_genRand(kRandVectLen);
// Calculated the shared secret (from the pre-secret).
secret = H1(pre_secret, rand_c, rand_s);
// Calculate the proof-of-server hash. (The convinces the client that we are the actual server.)
f = H2(secret, rand_c, rand_s);
// Calculate what the client correct response would be.
gPrime = H3(secret, rand_c, rand_s);
}
// Write back to the client all this stuff.
pack(m_internal_writable, kSuccessfulGreeting);
pack(m_internal_writable, rand_s);
pack(m_internal_writable, f);
s_flush(m_internal_writable);
// Have the client prove that it is a real client, not a reply attack.
vector<u8> g;
try {
unpack(m_internal_readable, g, (u32)gPrime.size());
} catch (ebObject& e) {
throw eRuntimeError("The secure client failed to show proof that it is real.");
}
if (!s_constTimeIsEqual(g, gPrime))
throw eRuntimeError("The secure client failed to show proof that it is real.");
// Setup secure streams with the client.
vector<u8> ksw = H4(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Server Writer
vector<u8> kcw = H5(pre_secret, secret, rand_c, rand_s); // <-- the Key for the Client Writer
m_readable = new tReadableAES(m_internal_readable, kOpModeCBC,
&kcw[0], s_toKeyLen(kcw.size()));
m_writable = new tWritableAES(m_internal_writable, kOpModeCBC,
&ksw[0], s_toKeyLen(ksw.size()));
}
