diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-10-06 12:19:49 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-10-06 12:19:49 +0700 |
commit | 2d28fafa7fe1becdada43f939b5121946468052c (patch) | |
tree | ab0b57beefd9976b7d3091fbefc0fab4635f3d04 /crypto | |
parent | Refactor RSACoreEngine.ConvertOutput (diff) | |
download | BouncyCastle.NET-ed25519-2d28fafa7fe1becdada43f939b5121946468052c.tar.xz |
Refactor stackalloc usage
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/src/bcpg/ECDHPublicBCPGKey.cs | 4 | ||||
-rw-r--r-- | crypto/src/bcpg/MPInteger.cs | 22 | ||||
-rw-r--r-- | crypto/src/crypto/agreement/kdf/DHKekGenerator.cs | 4 | ||||
-rw-r--r-- | crypto/src/crypto/agreement/srp/SRP6Utilities.cs | 38 | ||||
-rw-r--r-- | crypto/src/crypto/digests/ShortenedDigest.cs | 5 | ||||
-rw-r--r-- | crypto/src/crypto/engines/SM2Engine.cs | 26 | ||||
-rw-r--r-- | crypto/src/crypto/generators/BaseKdfBytesGenerator.cs | 4 | ||||
-rw-r--r-- | crypto/src/crypto/io/CipherStream.cs | 4 | ||||
-rw-r--r-- | crypto/src/crypto/modes/CtsBlockCipher.cs | 8 | ||||
-rw-r--r-- | crypto/src/crypto/modes/EAXBlockCipher.cs | 6 | ||||
-rw-r--r-- | crypto/src/crypto/modes/KCcmBlockCipher.cs | 4 | ||||
-rw-r--r-- | crypto/src/crypto/signers/HMacDsaKCalculator.cs | 5 | ||||
-rw-r--r-- | crypto/src/crypto/signers/X931Signer.cs | 5 | ||||
-rw-r--r-- | crypto/src/math/ec/ECAlgorithms.cs | 5 | ||||
-rw-r--r-- | crypto/src/math/ec/rfc8032/Ed25519.cs | 5 | ||||
-rw-r--r-- | crypto/src/openpgp/PgpPublicKey.cs | 6 |
16 files changed, 108 insertions, 43 deletions
diff --git a/crypto/src/bcpg/ECDHPublicBCPGKey.cs b/crypto/src/bcpg/ECDHPublicBCPGKey.cs index 05c34ba8b..5b6d9460e 100644 --- a/crypto/src/bcpg/ECDHPublicBCPGKey.cs +++ b/crypto/src/bcpg/ECDHPublicBCPGKey.cs @@ -22,9 +22,9 @@ namespace Org.BouncyCastle.Bcpg throw new InvalidOperationException("KDF parameters size of 3 expected."); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> kdfParameters = stackalloc byte[length]; + Span<byte> kdfParameters = stackalloc byte[3]; #else - byte[] kdfParameters = new byte[length]; + byte[] kdfParameters = new byte[3]; #endif bcpgIn.ReadFully(kdfParameters); diff --git a/crypto/src/bcpg/MPInteger.cs b/crypto/src/bcpg/MPInteger.cs index 2f564b00c..eb59be6e5 100644 --- a/crypto/src/bcpg/MPInteger.cs +++ b/crypto/src/bcpg/MPInteger.cs @@ -20,16 +20,13 @@ namespace Org.BouncyCastle.Bcpg int lengthInBytes = (lengthInBits + 7) / 8; #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - if (lengthInBytes <= 512) - { - Span<byte> span = stackalloc byte[lengthInBytes]; - bcpgIn.ReadFully(span); - m_val = new BigInteger(1, span); - return; - } + Span<byte> bytes = lengthInBytes <= 512 + ? stackalloc byte[lengthInBytes] + : new byte[lengthInBytes]; +#else + byte[] bytes = new byte[lengthInBytes]; #endif - byte[] bytes = new byte[lengthInBytes]; bcpgIn.ReadFully(bytes); m_val = new BigInteger(1, bytes); } @@ -55,12 +52,15 @@ namespace Org.BouncyCastle.Bcpg internal static BigInteger ToMpiBigInteger(ECPoint point) { #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> encoding = stackalloc byte[point.GetEncodedLength(false)]; + int encodedLength = point.GetEncodedLength(false); + Span<byte> encoding = encodedLength <= 512 + ? stackalloc byte[encodedLength] + : new byte[encodedLength]; point.EncodeTo(false, encoding); - return new BigInteger(1, encoding); #else - return new BigInteger(1, point.GetEncoded(false)); + byte[] encoding = point.GetEncoded(false); #endif + return new BigInteger(1, encoding); } } } diff --git a/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs b/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs index 7d75c2224..2dabe9d1f 100644 --- a/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs +++ b/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs @@ -120,7 +120,9 @@ namespace Org.BouncyCastle.Crypto.Agreement.Kdf int cThreshold = (int)((oBytes + digestSize - 1) / digestSize); - Span<byte> dig = stackalloc byte[digestSize]; + Span<byte> dig = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; uint counter = 1; diff --git a/crypto/src/crypto/agreement/srp/SRP6Utilities.cs b/crypto/src/crypto/agreement/srp/SRP6Utilities.cs index 2176a7100..73be57c5a 100644 --- a/crypto/src/crypto/agreement/srp/SRP6Utilities.cs +++ b/crypto/src/crypto/agreement/srp/SRP6Utilities.cs @@ -42,7 +42,10 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp public static BigInteger CalculateX(IDigest digest, BigInteger N, ReadOnlySpan<byte> salt, ReadOnlySpan<byte> identity, ReadOnlySpan<byte> password) { - Span<byte> output = stackalloc byte[digest.GetDigestSize()]; + int digestSize = digest.GetDigestSize(); + Span<byte> output = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; digest.BlockUpdate(identity); digest.Update((byte)':'); @@ -119,20 +122,25 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp public static BigInteger CalculateKey(IDigest digest, BigInteger N, BigInteger S) { int paddedLength = (N.BitLength + 7) / 8; + int digestSize = digest.GetDigestSize(); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> bytes = stackalloc byte[paddedLength]; + Span<byte> bytes = paddedLength <= 512 + ? stackalloc byte[paddedLength] + : new byte[paddedLength]; BigIntegers.AsUnsignedByteArray(S, bytes); digest.BlockUpdate(bytes); - Span<byte> output = stackalloc byte[digest.GetDigestSize()]; + Span<byte> output = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; digest.DoFinal(output); #else byte[] bytes = new byte[paddedLength]; BigIntegers.AsUnsignedByteArray(S, bytes, 0, bytes.Length); digest.BlockUpdate(bytes, 0, bytes.Length); - byte[] output = new byte[digest.GetDigestSize()]; + byte[] output = new byte[digestSize]; digest.DoFinal(output, 0); #endif @@ -142,9 +150,12 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp private static BigInteger HashPaddedTriplet(IDigest digest, BigInteger N, BigInteger n1, BigInteger n2, BigInteger n3) { int paddedLength = (N.BitLength + 7) / 8; + int digestSize = digest.GetDigestSize(); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> bytes = stackalloc byte[paddedLength]; + Span<byte> bytes = paddedLength <= 512 + ? stackalloc byte[paddedLength] + : new byte[paddedLength]; BigIntegers.AsUnsignedByteArray(n1, bytes); digest.BlockUpdate(bytes); BigIntegers.AsUnsignedByteArray(n2, bytes); @@ -152,7 +163,9 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp BigIntegers.AsUnsignedByteArray(n3, bytes); digest.BlockUpdate(bytes); - Span<byte> output = stackalloc byte[digest.GetDigestSize()]; + Span<byte> output = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; digest.DoFinal(output); #else byte[] bytes = new byte[paddedLength]; @@ -163,7 +176,7 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp BigIntegers.AsUnsignedByteArray(n3, bytes, 0, bytes.Length); digest.BlockUpdate(bytes, 0, bytes.Length); - byte[] output = new byte[digest.GetDigestSize()]; + byte[] output = new byte[digestSize]; digest.DoFinal(output, 0); #endif @@ -173,15 +186,20 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp private static BigInteger HashPaddedPair(IDigest digest, BigInteger N, BigInteger n1, BigInteger n2) { int paddedLength = (N.BitLength + 7) / 8; + int digestSize = digest.GetDigestSize(); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> bytes = stackalloc byte[paddedLength]; + Span<byte> bytes = paddedLength <= 512 + ? stackalloc byte[paddedLength] + : new byte[paddedLength]; BigIntegers.AsUnsignedByteArray(n1, bytes); digest.BlockUpdate(bytes); BigIntegers.AsUnsignedByteArray(n2, bytes); digest.BlockUpdate(bytes); - Span<byte> output = stackalloc byte[digest.GetDigestSize()]; + Span<byte> output = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; digest.DoFinal(output); #else byte[] bytes = new byte[paddedLength]; @@ -190,7 +208,7 @@ namespace Org.BouncyCastle.Crypto.Agreement.Srp BigIntegers.AsUnsignedByteArray(n2, bytes, 0, bytes.Length); digest.BlockUpdate(bytes, 0, bytes.Length); - byte[] output = new byte[digest.GetDigestSize()]; + byte[] output = new byte[digestSize]; digest.DoFinal(output, 0); #endif diff --git a/crypto/src/crypto/digests/ShortenedDigest.cs b/crypto/src/crypto/digests/ShortenedDigest.cs index 9e9998560..0ea3cc1a1 100644 --- a/crypto/src/crypto/digests/ShortenedDigest.cs +++ b/crypto/src/crypto/digests/ShortenedDigest.cs @@ -78,7 +78,10 @@ namespace Org.BouncyCastle.Crypto.Digests #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER public int DoFinal(Span<byte> output) { - Span<byte> tmp = stackalloc byte[baseDigest.GetDigestSize()]; + int baseDigestSize = baseDigest.GetDigestSize(); + Span<byte> tmp = baseDigestSize <= 128 + ? stackalloc byte[baseDigestSize] + : new byte[baseDigestSize]; baseDigest.DoFinal(tmp); diff --git a/crypto/src/crypto/engines/SM2Engine.cs b/crypto/src/crypto/engines/SM2Engine.cs index 36593cddc..e0734d424 100644 --- a/crypto/src/crypto/engines/SM2Engine.cs +++ b/crypto/src/crypto/engines/SM2Engine.cs @@ -138,14 +138,20 @@ namespace Org.BouncyCastle.Crypto.Engines ECPoint c1P = multiplier.Multiply(mECParams.G, k).Normalize(); - Span<byte> c1 = stackalloc byte[c1P.GetEncodedLength(false)]; + int c1PEncodedLength = c1P.GetEncodedLength(false); + Span<byte> c1 = c1PEncodedLength <= 512 + ? stackalloc byte[c1PEncodedLength] + : new byte[c1PEncodedLength]; c1P.EncodeTo(false, c1); AddFieldElement(mDigest, kPB.AffineXCoord); mDigest.BlockUpdate(input); AddFieldElement(mDigest, kPB.AffineYCoord); - Span<byte> c3 = stackalloc byte[mDigest.GetDigestSize()]; + int digestSize = mDigest.GetDigestSize(); + Span<byte> c3 = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; mDigest.DoFinal(c3); switch (mMode) @@ -187,7 +193,9 @@ namespace Org.BouncyCastle.Crypto.Engines mDigest.BlockUpdate(c2); AddFieldElement(mDigest, c1P.AffineYCoord); - Span<byte> c3 = stackalloc byte[mDigest.GetDigestSize()]; + Span<byte> c3 = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; mDigest.DoFinal(c3); int check = 0; @@ -343,10 +351,13 @@ namespace Org.BouncyCastle.Crypto.Engines private void Kdf(IDigest digest, ECPoint c1, byte[] encData) { int digestSize = digest.GetDigestSize(); + int bufSize = System.Math.Max(4, digestSize); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> buf = stackalloc byte[System.Math.Max(4, digestSize)]; + Span<byte> buf = bufSize <= 128 + ? stackalloc byte[bufSize] + : new byte[bufSize]; #else - byte[] buf = new byte[System.Math.Max(4, digestSize)]; + byte[] buf = new byte[bufSize]; #endif int off = 0; @@ -426,7 +437,10 @@ namespace Org.BouncyCastle.Crypto.Engines private void AddFieldElement(IDigest digest, ECFieldElement v) { #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> p = stackalloc byte[v.GetEncodedLength()]; + int encodedLength = v.GetEncodedLength(); + Span<byte> p = encodedLength <= 128 + ? stackalloc byte[encodedLength] + : new byte[encodedLength]; v.EncodeTo(p); digest.BlockUpdate(p); #else diff --git a/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs b/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs index c0c4be217..a1839dc33 100644 --- a/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs +++ b/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs @@ -142,7 +142,9 @@ namespace Org.BouncyCastle.Crypto.Generators int cThreshold = (int)((oBytes + digestSize - 1) / digestSize); - Span<byte> dig = stackalloc byte[digestSize]; + Span<byte> dig = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; Span<byte> C = stackalloc byte[4]; Pack.UInt32_To_BE((uint)counterStart, C); diff --git a/crypto/src/crypto/io/CipherStream.cs b/crypto/src/crypto/io/CipherStream.cs index e59f33679..145fa7fd3 100644 --- a/crypto/src/crypto/io/CipherStream.cs +++ b/crypto/src/crypto/io/CipherStream.cs @@ -258,7 +258,9 @@ namespace Org.BouncyCastle.Crypto.IO { #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER int outputSize = m_writeCipher.GetOutputSize(0); - Span<byte> output = stackalloc byte[outputSize]; + Span<byte> output = outputSize <= 256 + ? stackalloc byte[outputSize] + : new byte[outputSize]; int len = m_writeCipher.DoFinal(output); m_stream.Write(output[..len]); #else diff --git a/crypto/src/crypto/modes/CtsBlockCipher.cs b/crypto/src/crypto/modes/CtsBlockCipher.cs index 022e86675..e76049a36 100644 --- a/crypto/src/crypto/modes/CtsBlockCipher.cs +++ b/crypto/src/crypto/modes/CtsBlockCipher.cs @@ -294,7 +294,9 @@ namespace Org.BouncyCastle.Crypto.Modes int blockSize = m_cipherMode.GetBlockSize(); int length = bufOff - blockSize; - Span<byte> block = stackalloc byte[blockSize]; + Span<byte> block = blockSize <= 64 + ? stackalloc byte[blockSize] + : new byte[blockSize]; if (forEncryption) { @@ -319,7 +321,9 @@ namespace Org.BouncyCastle.Crypto.Modes } else { - Span<byte> lastBlock = stackalloc byte[blockSize]; + Span<byte> lastBlock = blockSize <= 64 + ? stackalloc byte[blockSize] + : new byte[blockSize]; m_cipherMode.UnderlyingCipher.ProcessBlock(buf, block); diff --git a/crypto/src/crypto/modes/EAXBlockCipher.cs b/crypto/src/crypto/modes/EAXBlockCipher.cs index 5d7f05d02..770c432e2 100644 --- a/crypto/src/crypto/modes/EAXBlockCipher.cs +++ b/crypto/src/crypto/modes/EAXBlockCipher.cs @@ -316,7 +316,11 @@ namespace Org.BouncyCastle.Crypto.Modes InitCipher(); int extra = bufOff; - Span<byte> tmp = stackalloc byte[bufBlock.Length]; + int tmpLength = bufBlock.Length; + + Span<byte> tmp = tmpLength <= 128 + ? stackalloc byte[tmpLength] + : new byte[tmpLength]; bufOff = 0; diff --git a/crypto/src/crypto/modes/KCcmBlockCipher.cs b/crypto/src/crypto/modes/KCcmBlockCipher.cs index a733379cc..cc4a5060c 100644 --- a/crypto/src/crypto/modes/KCcmBlockCipher.cs +++ b/crypto/src/crypto/modes/KCcmBlockCipher.cs @@ -459,7 +459,9 @@ namespace Org.BouncyCastle.Crypto.Modes Array.Copy(macBlock, 0, mac, 0, macSize); - Span<byte> calculatedMac = stackalloc byte[macSize]; + Span<byte> calculatedMac = macSize <= 64 + ? stackalloc byte[macSize] + : new byte[macSize]; buffer.AsSpan(0, macSize).CopyTo(calculatedMac); diff --git a/crypto/src/crypto/signers/HMacDsaKCalculator.cs b/crypto/src/crypto/signers/HMacDsaKCalculator.cs index 25e36530c..67dadede8 100644 --- a/crypto/src/crypto/signers/HMacDsaKCalculator.cs +++ b/crypto/src/crypto/signers/HMacDsaKCalculator.cs @@ -58,7 +58,10 @@ namespace Org.BouncyCastle.Crypto.Signers int size = BigIntegers.GetUnsignedByteLength(n); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> xm = stackalloc byte[size * 2]; + int xmSize = size * 2; + Span<byte> xm = xmSize <= 512 + ? stackalloc byte[xmSize] + : new byte[xmSize]; BigIntegers.AsUnsignedByteArray(d, xm[..size]); BigIntegers.AsUnsignedByteArray(mInt, xm[size..]); #else diff --git a/crypto/src/crypto/signers/X931Signer.cs b/crypto/src/crypto/signers/X931Signer.cs index 278410f2a..40255c40c 100644 --- a/crypto/src/crypto/signers/X931Signer.cs +++ b/crypto/src/crypto/signers/X931Signer.cs @@ -179,7 +179,10 @@ namespace Org.BouncyCastle.Crypto.Signers CreateSignatureBlock(); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> fBlock = stackalloc byte[block.Length]; + int fBlockSize = block.Length; + Span<byte> fBlock = fBlockSize <= 512 + ? stackalloc byte[fBlockSize] + : new byte[fBlockSize]; BigIntegers.AsUnsignedByteArray(f, fBlock); #else byte[] fBlock = BigIntegers.AsUnsignedByteArray(block.Length, f); diff --git a/crypto/src/math/ec/ECAlgorithms.cs b/crypto/src/math/ec/ECAlgorithms.cs index fcfab06f7..3059ca3b3 100644 --- a/crypto/src/math/ec/ECAlgorithms.cs +++ b/crypto/src/math/ec/ECAlgorithms.cs @@ -216,7 +216,10 @@ namespace Org.BouncyCastle.Math.EC throw new ArgumentException("Point must be on the same curve", nameof(p)); #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - Span<byte> encoding = stackalloc byte[p.GetEncodedLength(false)]; + int encodedLength = p.GetEncodedLength(false); + Span<byte> encoding = encodedLength <= 512 + ? stackalloc byte[encodedLength] + : new byte[encodedLength]; p.EncodeTo(false, encoding); return c.DecodePoint(encoding); #else diff --git a/crypto/src/math/ec/rfc8032/Ed25519.cs b/crypto/src/math/ec/rfc8032/Ed25519.cs index d6bf461cf..f3b63f3b3 100644 --- a/crypto/src/math/ec/rfc8032/Ed25519.cs +++ b/crypto/src/math/ec/rfc8032/Ed25519.cs @@ -433,7 +433,10 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 public static void GeneratePublicKey(ReadOnlySpan<byte> sk, Span<byte> pk) { IDigest d = CreateDigest(); - Span<byte> h = stackalloc byte[d.GetDigestSize()]; + int digestSize = d.GetDigestSize(); + Span<byte> h = digestSize <= 128 + ? stackalloc byte[digestSize] + : new byte[digestSize]; d.BlockUpdate(sk[..SecretKeySize]); d.DoFinal(h); diff --git a/crypto/src/openpgp/PgpPublicKey.cs b/crypto/src/openpgp/PgpPublicKey.cs index 6d5f35018..cdb8efd36 100644 --- a/crypto/src/openpgp/PgpPublicKey.cs +++ b/crypto/src/openpgp/PgpPublicKey.cs @@ -510,8 +510,10 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp BigInteger encodedPoint = ecK.EncodedPoint; #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER - int encodingLength = BigIntegers.GetUnsignedByteLength(encodedPoint); - Span<byte> encoding = stackalloc byte[encodingLength]; + int encodedLength = BigIntegers.GetUnsignedByteLength(encodedPoint); + Span<byte> encoding = encodedLength <= 512 + ? stackalloc byte[encodedLength] + : new byte[encodedLength]; BigIntegers.AsUnsignedByteArray(encodedPoint, encoding); ECPoint q = x9.Curve.DecodePoint(encoding); #else |