Make crypto_test build with -Wframe-larger-than=25344
One consumer builds libcrypto with -Wframe-larger-than=25344. They
don't seem to build crypto_test, but mimicking that limit will be easier
if we can just apply it across the board.
Change-Id: I619780809f7cf8ac915fe1a103965b5f2e6dcd50
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66828
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/hrss/hrss_test.cc b/crypto/hrss/hrss_test.cc
index 8c4d15f..a3814ac 100644
--- a/crypto/hrss/hrss_test.cc
+++ b/crypto/hrss/hrss_test.cc
@@ -492,8 +492,11 @@
uint8_t kCanary[256];
static_assert(sizeof(kCanary) % 32 == 0, "needed for alignment");
memset(kCanary, 42, sizeof(kCanary));
- alignas(32) uint8_t
- scratch[sizeof(kCanary) + POLY_MUL_RQ_SCRATCH_SPACE + sizeof(kCanary)];
+
+ auto scratch_buf = std::make_unique<uint8_t[]>(
+ 32 + sizeof(kCanary) + POLY_MUL_RQ_SCRATCH_SPACE + sizeof(kCanary));
+ uint8_t *scratch =
+ static_cast<uint8_t *>(align_pointer(scratch_buf.get(), 32));
OPENSSL_memcpy(scratch, kCanary, sizeof(kCanary));
OPENSSL_memcpy(scratch + sizeof(kCanary) + POLY_MUL_RQ_SCRATCH_SPACE, kCanary,
sizeof(kCanary));
diff --git a/crypto/kyber/kyber_test.cc b/crypto/kyber/kyber_test.cc
index 9956478..9b05813 100644
--- a/crypto/kyber/kyber_test.cc
+++ b/crypto/kyber/kyber_test.cc
@@ -46,9 +46,12 @@
}
TEST(KyberTest, Basic) {
+ // This function makes several Kyber keys, which runs up against stack limits.
+ // Heap-allocate them instead.
+
uint8_t encoded_public_key[KYBER_PUBLIC_KEY_BYTES];
- KYBER_private_key priv;
- KYBER_generate_key(encoded_public_key, &priv);
+ auto priv = std::make_unique<KYBER_private_key>();
+ KYBER_generate_key(encoded_public_key, priv.get());
uint8_t first_two_bytes[2];
OPENSSL_memcpy(first_two_bytes, encoded_public_key, sizeof(first_two_bytes));
@@ -56,26 +59,26 @@
CBS encoded_public_key_cbs;
CBS_init(&encoded_public_key_cbs, encoded_public_key,
sizeof(encoded_public_key));
- KYBER_public_key pub;
+ auto pub = std::make_unique<KYBER_public_key>();
// Parsing should fail because the first coefficient is >= kPrime;
- ASSERT_FALSE(KYBER_parse_public_key(&pub, &encoded_public_key_cbs));
+ ASSERT_FALSE(KYBER_parse_public_key(pub.get(), &encoded_public_key_cbs));
OPENSSL_memcpy(encoded_public_key, first_two_bytes, sizeof(first_two_bytes));
CBS_init(&encoded_public_key_cbs, encoded_public_key,
sizeof(encoded_public_key));
- ASSERT_TRUE(KYBER_parse_public_key(&pub, &encoded_public_key_cbs));
+ ASSERT_TRUE(KYBER_parse_public_key(pub.get(), &encoded_public_key_cbs));
EXPECT_EQ(CBS_len(&encoded_public_key_cbs), 0u);
EXPECT_EQ(Bytes(encoded_public_key),
- Bytes(Marshal(KYBER_marshal_public_key, &pub)));
+ Bytes(Marshal(KYBER_marshal_public_key, pub.get())));
- KYBER_public_key pub2;
- KYBER_public_from_private(&pub2, &priv);
+ auto pub2 = std::make_unique<KYBER_public_key>();
+ KYBER_public_from_private(pub2.get(), priv.get());
EXPECT_EQ(Bytes(encoded_public_key),
- Bytes(Marshal(KYBER_marshal_public_key, &pub2)));
+ Bytes(Marshal(KYBER_marshal_public_key, pub2.get())));
std::vector<uint8_t> encoded_private_key(
- Marshal(KYBER_marshal_private_key, &priv));
+ Marshal(KYBER_marshal_private_key, priv.get()));
EXPECT_EQ(encoded_private_key.size(), size_t{KYBER_PRIVATE_KEY_BYTES});
OPENSSL_memcpy(first_two_bytes, encoded_private_key.data(),
@@ -83,24 +86,24 @@
OPENSSL_memset(encoded_private_key.data(), 0xff, sizeof(first_two_bytes));
CBS cbs;
CBS_init(&cbs, encoded_private_key.data(), encoded_private_key.size());
- KYBER_private_key priv2;
+ auto priv2 = std::make_unique<KYBER_private_key>();
// Parsing should fail because the first coefficient is >= kPrime.
- ASSERT_FALSE(KYBER_parse_private_key(&priv2, &cbs));
+ ASSERT_FALSE(KYBER_parse_private_key(priv2.get(), &cbs));
OPENSSL_memcpy(encoded_private_key.data(), first_two_bytes,
sizeof(first_two_bytes));
CBS_init(&cbs, encoded_private_key.data(), encoded_private_key.size());
- ASSERT_TRUE(KYBER_parse_private_key(&priv2, &cbs));
+ ASSERT_TRUE(KYBER_parse_private_key(priv2.get(), &cbs));
EXPECT_EQ(Bytes(encoded_private_key),
- Bytes(Marshal(KYBER_marshal_private_key, &priv2)));
+ Bytes(Marshal(KYBER_marshal_private_key, priv2.get())));
uint8_t ciphertext[KYBER_CIPHERTEXT_BYTES];
uint8_t shared_secret1[KYBER_SHARED_SECRET_BYTES];
uint8_t shared_secret2[KYBER_SHARED_SECRET_BYTES];
- KYBER_encap(ciphertext, shared_secret1, &pub);
- KYBER_decap(shared_secret2, ciphertext, &priv);
+ KYBER_encap(ciphertext, shared_secret1, pub.get());
+ KYBER_decap(shared_secret2, ciphertext, priv.get());
EXPECT_EQ(Bytes(shared_secret1), Bytes(shared_secret2));
- KYBER_decap(shared_secret2, ciphertext, &priv2);
+ KYBER_decap(shared_secret2, ciphertext, priv2.get());
EXPECT_EQ(Bytes(shared_secret1), Bytes(shared_secret2));
}