From cee9569fdd5679bec2c5560510576d0c409103b8 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 19 Dec 2021 14:32:34 +0100 Subject: [PATCH 01/17] annotate some and fix un-aligned `#endif` This fixes #572 Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_custom.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/headers/tomcrypt_custom.h b/src/headers/tomcrypt_custom.h index b13c2e08f..95c56c7f7 100644 --- a/src/headers/tomcrypt_custom.h +++ b/src/headers/tomcrypt_custom.h @@ -114,7 +114,7 @@ #define LTC_NO_MISC #define LTC_BASE64 -#endif +#endif /* LTC_EASY */ /* The minimal set of functionality to run the tests */ #ifdef LTC_MINIMAL @@ -129,7 +129,7 @@ #define LTC_TRY_URANDOM_FIRST #undef LTC_NO_FILE -#endif +#endif /* LTC_MINIMAL */ /* Enable self-test test vector checking */ #ifndef LTC_NO_TEST @@ -357,7 +357,7 @@ #define LTC_YARROW_AES 2 #endif -#endif +#endif /* LTC_YARROW */ #ifdef LTC_FORTUNA @@ -553,7 +553,7 @@ #define LTC_ECC_SECP384R1 #define LTC_ECC_SECP521R1 #endif -#endif +#endif /* LTC_MECC */ #if defined(LTC_DER) #ifndef LTC_DER_MAX_RECURSION @@ -690,15 +690,13 @@ #define LTC_MUTEX_UNLOCK(x) #define LTC_MUTEX_DESTROY(x) -#endif +#endif /* LTC_PTHREAD */ /* Debuggers */ /* define this if you use Valgrind, note: it CHANGES the way SOBER-128 and RC4 work (see the code) */ /* #define LTC_VALGRIND */ -#endif - #ifndef LTC_NO_FILE /* buffer size for reading from a file via fread(..) */ #ifndef LTC_FILE_READ_BUFSIZE @@ -739,3 +737,5 @@ #define LTC_ECC_SECP521R1 #undef LTC_ECC521 #endif + +#endif /* TOMCRYPT_CUSTOM_H_ */ From 11590de2414ca84199eb395c6ad187087b63a95a Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 25 Dec 2021 13:24:14 +0100 Subject: [PATCH 02/17] add SSH-style padding Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_misc.h | 1 + src/misc/padding/padding_depad.c | 6 ++++++ src/misc/padding/padding_pad.c | 11 +++++++++-- tests/padding_test.c | 19 +++++++++++++++++++ 4 files changed, 35 insertions(+), 2 deletions(-) diff --git a/src/headers/tomcrypt_misc.h b/src/headers/tomcrypt_misc.h index ae861fe38..2da0a4a19 100644 --- a/src/headers/tomcrypt_misc.h +++ b/src/headers/tomcrypt_misc.h @@ -146,6 +146,7 @@ enum padding_type { LTC_PAD_ISO_10126 = 0x1000U, #endif LTC_PAD_ANSI_X923 = 0x2000U, + LTC_PAD_SSH = 0x3000U, /* The following padding modes don't contain the padding * length as last byte of the padding. */ diff --git a/src/misc/padding/padding_depad.c b/src/misc/padding/padding_depad.c index 7489de126..e3f715112 100644 --- a/src/misc/padding/padding_depad.c +++ b/src/misc/padding/padding_depad.c @@ -53,6 +53,12 @@ int padding_depad(const unsigned char *data, unsigned long *length, unsigned lon /* nop */ break; #endif + case LTC_PAD_SSH: + pad = 0x1; + for (n = unpadded_length; n < padded_length; ++n) { + if (data[n] != pad++) return CRYPT_INVALID_PACKET; + } + break; case LTC_PAD_ONE_AND_ZERO: while (unpadded_length > 0 && data[unpadded_length - 1] != 0x80) { if (data[unpadded_length - 1] != 0x0) return CRYPT_INVALID_PACKET; diff --git a/src/misc/padding/padding_pad.c b/src/misc/padding/padding_pad.c index 8a775b3d4..7d8bbbad8 100644 --- a/src/misc/padding/padding_pad.c +++ b/src/misc/padding/padding_pad.c @@ -32,6 +32,7 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode) case LTC_PAD_PKCS7: case LTC_PAD_ONE_AND_ZERO: case LTC_PAD_ZERO_ALWAYS: + case LTC_PAD_SSH: t = 1; break; #ifdef LTC_RNG_GET_BYTES @@ -78,10 +79,10 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode) */ int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) { - unsigned long l; + unsigned long l, n; enum padding_type type; int err; - unsigned char diff; + unsigned char diff, pad; LTC_ARGCHK(data != NULL); LTC_ARGCHK(padded_length != NULL); @@ -125,6 +126,12 @@ int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded XMEMSET(&data[length], 0, diff-1); data[l-1] = diff; break; + case LTC_PAD_SSH: + pad = 0x1; + for (n = length; n < l; ++n) { + data[n] = pad++; + } + break; case LTC_PAD_ONE_AND_ZERO: XMEMSET(&data[length + 1], 0, diff); data[length] = 0x80; diff --git a/tests/padding_test.c b/tests/padding_test.c index 2476cc0f7..b111cc848 100644 --- a/tests/padding_test.c +++ b/tests/padding_test.c @@ -88,6 +88,18 @@ static int s_cmp_zero(const padding_testcase* t, const unsigned char* p, unsigne return CRYPT_OK; } +static int s_cmp_ssh(const padding_testcase* t, const unsigned char* p, unsigned long len) +{ + unsigned long n, diff = len - t->is; + unsigned char pad = 0x1; + DOX(EQ(len, t->should), t->name); + for (n = len - diff; n < len; ++n) { + DOX(EQ(p[n], pad), t->name); + pad++; + } + return CRYPT_OK; +} + static int s_padding_testrun(const padding_testcase* t) { unsigned long len; @@ -126,6 +138,13 @@ int padding_test(void) { 255, 256, 0, LTC_PAD_ANSI_X923 | 16, "255-x923", s_cmp_x923 }, { 256, 272, 0, LTC_PAD_ANSI_X923 | 16, "256-x923", s_cmp_x923 }, + { 0, 16, 0, LTC_PAD_SSH | 16, "0-ssh", s_cmp_ssh }, + { 1, 16, 0, LTC_PAD_SSH | 16, "1-ssh", s_cmp_ssh }, + { 15, 16, 0, LTC_PAD_SSH | 16, "15-ssh", s_cmp_ssh }, + { 16, 32, 0, LTC_PAD_SSH | 16, "16-ssh", s_cmp_ssh }, + { 255, 256, 0, LTC_PAD_SSH | 16, "255-ssh", s_cmp_ssh }, + { 256, 272, 0, LTC_PAD_SSH | 16, "256-ssh", s_cmp_ssh }, + { 0, 16, 0, LTC_PAD_ONE_AND_ZERO | 16, "0-one-and-zero", s_cmp_oaz }, { 1, 16, 0, LTC_PAD_ONE_AND_ZERO | 16, "1-one-and-zero", s_cmp_oaz }, { 15, 16, 0, LTC_PAD_ONE_AND_ZERO | 16, "15-one-and-zero", s_cmp_oaz }, From b39c46f817f4a1f6cffb09d8dec31bbec8dd8c2d Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 25 Dec 2021 13:35:54 +0100 Subject: [PATCH 03/17] re-order code a bit ... so only relevant parts are executed Signed-off-by: Steffen Jaeckel --- src/pk/ecc/ecc_export_openssl.c | 71 +++++++++++++++++---------------- 1 file changed, 36 insertions(+), 35 deletions(-) diff --git a/src/pk/ecc/ecc_export_openssl.c b/src/pk/ecc/ecc_export_openssl.c index 97123d647..ea884b6b7 100644 --- a/src/pk/ecc/ecc_export_openssl.c +++ b/src/pk/ecc/ecc_export_openssl.c @@ -34,41 +34,6 @@ int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, cons if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH; - prime = key->dp.prime; - order = key->dp.order; - b = key->dp.B; - a = key->dp.A; - gx = key->dp.base.x; - gy = key->dp.base.y; - - /* curve param a */ - len_a = mp_unsigned_bin_size(a); - if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } - if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) { goto error; } - if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* handle case a == 0 */ - - /* curve param b */ - len_b = mp_unsigned_bin_size(b); - if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } - if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) { goto error; } - if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* handle case b == 0 */ - - /* base point - (un)compressed based on flag_com */ - len_g = sizeof(bin_g); - err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com); - if (err != CRYPT_OK) { goto error; } - - /* public key - (un)compressed based on flag_com */ - len_xy = sizeof(bin_xy); - err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com); - if (err != CRYPT_OK) { goto error; } - - /* co-factor */ - cofactor = key->dp.cofactor; - - /* we support only prime-field EC */ - if ((err = pk_get_oid(PKA_EC_PRIMEF, &OID)) != CRYPT_OK) { goto error; } - if (flag_oid) { /* http://tools.ietf.org/html/rfc5912 ECParameters ::= CHOICE { @@ -79,6 +44,34 @@ int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, cons LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp.oid, key->dp.oidlen); } else { + prime = key->dp.prime; + order = key->dp.order; + a = key->dp.A; + b = key->dp.B; + gx = key->dp.base.x; + gy = key->dp.base.y; + cofactor = key->dp.cofactor; + + /* curve param a */ + len_a = mp_unsigned_bin_size(a); + if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } + if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) { goto error; } + if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* handle case a == 0 */ + + /* curve param b */ + len_b = mp_unsigned_bin_size(b); + if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } + if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) { goto error; } + if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* handle case b == 0 */ + + /* base point - (un)compressed based on flag_com */ + len_g = sizeof(bin_g); + err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com); + if (err != CRYPT_OK) { goto error; } + + /* we support only prime-field EC */ + if ((err = pk_get_oid(PKA_EC_PRIMEF, &OID)) != CRYPT_OK) { goto error; } + /* http://tools.ietf.org/html/rfc3279 ECParameters ::= SEQUENCE { # SEQUENCE version INTEGER { ecpVer1(1) } (ecpVer1) # INTEGER :01 @@ -122,7 +115,15 @@ int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, cons LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); } + /* public key - (un)compressed based on flag_com */ + len_xy = sizeof(bin_xy); + err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com); + if (err != CRYPT_OK) { + goto error; + } + if (flag_pri) { + /* http://tools.ietf.org/html/rfc5915 ECPrivateKey ::= SEQUENCE { # SEQUENCE version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1) # INTEGER :01 From 1aac5b322ab5cceecac2819b512e9426d0faba48 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 25 Dec 2021 14:17:05 +0100 Subject: [PATCH 04/17] fix typo Signed-off-by: Steffen Jaeckel --- doc/crypt.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/crypt.tex b/doc/crypt.tex index d2c4940f8..077e3b0d9 100644 --- a/doc/crypt.tex +++ b/doc/crypt.tex @@ -1546,7 +1546,7 @@ \chapter{Stream Ciphers} err = rc4_stream_done(&st); \end{verbatim} -To encrypt plaintext (or decrypt ciphertext) using RC6 for data already in +To encrypt plaintext (or decrypt ciphertext) using RC4 for data already in memory with a single function call, the following function may be used. \begin{verbatim} err = rc4_stream_memory(key, keylen, datain, datalen, dataout); From 0bfa7d0e1e900e32fb6feaadcd729e870a400b66 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 25 Dec 2021 18:52:49 +0100 Subject: [PATCH 05/17] add `base64_encode_pem()` Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_private.h | 11 +++++++ src/misc/base64/base64_encode.c | 55 ++++++++++++++++++++++++++++----- tests/base64_test.c | 27 ++++++++++++++-- 3 files changed, 82 insertions(+), 11 deletions(-) diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 7c1e17240..6ee049b43 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -202,6 +202,17 @@ void ocb3_int_xor_blocks(unsigned char *out, const unsigned char *block_a, const /* tomcrypt_misc.h */ +typedef enum { + /** Use `\r\n` as line separator */ + BASE64_PEM_CRLF = 1, + /** Create output with 72 chars line length */ + BASE64_PEM_SSH = 2, +} base64_pem_flags; + +int base64_encode_pem(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + unsigned int flags); + void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned long len, int coz); int pbes_decrypt(const pbes_arg *arg, unsigned char *dec_data, unsigned long *dec_size); diff --git a/src/misc/base64/base64_encode.c b/src/misc/base64/base64_encode.c index ad512d836..4631fbd57 100644 --- a/src/misc/base64/base64_encode.c +++ b/src/misc/base64/base64_encode.c @@ -21,19 +21,35 @@ static const char * const codes_base64url = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; #endif /* LTC_BASE64_URL */ -static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen, - char *out, unsigned long *outlen, - const char *codes, int pad) +enum mode { + nopad = 0, + pad = 1, + lf = 2, + cr = 4, + ssh = 8, + crlf = lf | cr, +}; + +static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + const char *codes, unsigned int mode) { - unsigned long i, len2, leven; + unsigned long i, len2, leven, linelen; char *p; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); + linelen = (mode & ssh) ? 72 : 64; + /* valid output size ? */ len2 = 4 * ((inlen + 2) / 3); + if ((mode & crlf) == lf) { + len2 += len2 / linelen; + } else if ((mode & crlf) == crlf) { + len2 += (len2 / linelen) * 2; + } if (*outlen < len2 + 1) { *outlen = len2 + 1; return CRYPT_BUFFER_OVERFLOW; @@ -46,6 +62,10 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle *p++ = codes[(((in[1] & 0xf) << 2) + (in[2] >> 6)) & 0x3F]; *p++ = codes[in[2] & 0x3F]; in += 3; + if ((p - out) % linelen == 0) { + if (mode & cr) *p++ = '\r'; + if (mode & lf) *p++ = '\n'; + } } /* Pad it if necessary... */ if (i < inlen) { @@ -54,7 +74,7 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle *p++ = codes[(a >> 2) & 0x3F]; *p++ = codes[(((a & 3) << 4) + (b >> 4)) & 0x3F]; - if (pad) { + if (mode & pad) { *p++ = (i+1 < inlen) ? codes[(((b & 0xf) << 2)) & 0x3F] : '='; *p++ = '='; } @@ -83,7 +103,26 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle int base64_encode(const unsigned char *in, unsigned long inlen, char *out, unsigned long *outlen) { - return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, 1); + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, pad); +} + +/** + base64 Encode a buffer for PEM output + (NUL terminated with line-break at 64 chars) + @param in The input buffer to encode + @param inlen The length of the input buffer + @param out [out] The destination of the base64 encoded data + @param outlen [in/out] The max size and resulting size + @param flags \ref base64_pem_flags + @return CRYPT_OK if successful +*/ +int base64_encode_pem(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + unsigned int flags) +{ + int use_crlf = flags & BASE64_PEM_CRLF ? pad | crlf : pad | lf; + int ssh_style = flags & BASE64_PEM_SSH ? ssh : 0; + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, ssh_style | use_crlf); } #endif /* LTC_BASE64 */ @@ -100,13 +139,13 @@ int base64_encode(const unsigned char *in, unsigned long inlen, int base64url_encode(const unsigned char *in, unsigned long inlen, char *out, unsigned long *outlen) { - return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0); + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, nopad); } int base64url_strict_encode(const unsigned char *in, unsigned long inlen, char *out, unsigned long *outlen) { - return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1); + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, pad); } #endif /* LTC_BASE64_URL */ diff --git a/tests/base64_test.c b/tests/base64_test.c index 849248198..9b843f1e2 100644 --- a/tests/base64_test.c +++ b/tests/base64_test.c @@ -15,6 +15,11 @@ int base64_test(void) 0xbe, 0xe8, 0x92, 0x3c, 0xa2, 0x25, 0xf0, 0xf8, 0x91, 0xe4, 0xef, 0xab, 0x0b, 0x8c, 0xfd, 0xff, 0x14, 0xd0, 0x29, 0x9d, 0x00 }; + /* 3 A's are encoded as QUFB */ + const char *As_lf = "QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB\nQUFB"; + const char *As_crlf = "QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB\r\nQUFB"; + const char *As_ssh_lf = "QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB\nQUFB"; + const char *As_ssh_crlf = "QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB\r\nQUFB"; #if defined(LTC_BASE64) /* @@ -140,16 +145,32 @@ int base64_test(void) out[10] = 0; DO(base64_decode(out, l1, tmp, &l2)); - DO(compare_testvector(tmp, l2, in, l2, "insane base64 decoding (NUL)", -1)); + DO(compare_testvector(tmp, l2, in, l2, "insane base64 decoding (NUL)", 0)); DO(base64_sane_decode(out, l1, tmp, &l2) == CRYPT_INVALID_PACKET ? CRYPT_OK : CRYPT_INVALID_PACKET); DO(base64_strict_decode(out, l1, tmp, &l2) == CRYPT_INVALID_PACKET ? CRYPT_OK : CRYPT_INVALID_PACKET); out[10] = 9; /* tab */ DO(base64_decode(out, l1, tmp, &l2)); - DO(compare_testvector(tmp, l2, in, l2, "insane base64 decoding (TAB)", -1)); + DO(compare_testvector(tmp, l2, in, l2, "insane base64 decoding (TAB)", 0)); DO(base64_sane_decode(out, l1, tmp, &l2)); - DO(compare_testvector(tmp, l2, in, l2, "relaxed base64 decoding (TAB)", -1)); + DO(compare_testvector(tmp, l2, in, l2, "relaxed base64 decoding (TAB)", 0)); DO(base64_strict_decode(out, l1, tmp, &l2) == CRYPT_INVALID_PACKET ? CRYPT_OK : CRYPT_INVALID_PACKET); + + memset(in, 'A', sizeof(in)); + l1 = strlen(As_lf); + SHOULD_FAIL(base64_encode_pem(in, 51, out, &l1, 0)); + l1++; + DO(base64_encode_pem(in, 51, out, &l1, 0)); + DO(compare_testvector(out, l1, As_lf, strlen(As_lf), "PEM output with \\n", 0)); + l1 = strlen(As_crlf) + 1; + DO(base64_encode_pem(in, 51, out, &l1, BASE64_PEM_CRLF)); + DO(compare_testvector(out, l1, As_crlf, strlen(As_crlf), "PEM output with \\r\\n", 0)); + l1 = strlen(As_ssh_lf) + 1; + DO(base64_encode_pem(in, 57, out, &l1, BASE64_PEM_SSH)); + DO(compare_testvector(out, l1, As_ssh_lf, strlen(As_ssh_lf), "PEM SSH-style output with \\n", 0)); + l1 = strlen(As_ssh_crlf) + 1; + DO(base64_encode_pem(in, 57, out, &l1, BASE64_PEM_SSH | BASE64_PEM_CRLF)); + DO(compare_testvector(out, l1, As_ssh_crlf, strlen(As_ssh_crlf), "PEM SSH-style output with \\r\\n", 0)); #endif return 0; From a24af5f7e13fa0fcf57e94549bbe9c55729758b9 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 26 Dec 2021 16:55:03 +0100 Subject: [PATCH 06/17] correctly prefix `enum ltc_oid_id` members Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_private.h | 12 ++++++------ src/pk/asn1/oid/pk_get_oid.c | 12 ++++++------ .../x509/x509_decode_public_key_from_certificate.c | 2 +- src/pk/dsa/dsa_export.c | 2 +- src/pk/dsa/dsa_import.c | 2 +- src/pk/ecc/ecc_export_openssl.c | 4 ++-- src/pk/ecc/ecc_import_pkcs8.c | 2 +- src/pk/ecc/ecc_import_x509.c | 6 +++--- src/pk/ed25519/ed25519_export.c | 2 +- src/pk/ed25519/ed25519_import.c | 4 ++-- src/pk/ed25519/ed25519_import_pkcs8.c | 2 +- src/pk/ed25519/ed25519_import_raw.c | 2 +- src/pk/ed25519/ed25519_import_x509.c | 4 ++-- src/pk/ed25519/ed25519_make_key.c | 2 +- src/pk/ed25519/ed25519_sign.c | 2 +- src/pk/ed25519/ed25519_verify.c | 2 +- src/pk/rsa/rsa_export.c | 2 +- src/pk/rsa/rsa_import.c | 2 +- src/pk/rsa/rsa_import_pkcs8.c | 2 +- src/pk/rsa/rsa_import_x509.c | 2 +- src/pk/x25519/x25519_export.c | 2 +- src/pk/x25519/x25519_import.c | 4 ++-- src/pk/x25519/x25519_import_pkcs8.c | 2 +- src/pk/x25519/x25519_import_raw.c | 2 +- src/pk/x25519/x25519_import_x509.c | 4 ++-- src/pk/x25519/x25519_make_key.c | 2 +- 26 files changed, 43 insertions(+), 43 deletions(-) diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 6ee049b43..c5fc211c7 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -14,12 +14,12 @@ */ enum ltc_oid_id { - PKA_RSA, - PKA_DSA, - PKA_EC, - PKA_EC_PRIMEF, - PKA_X25519, - PKA_ED25519, + LTC_OID_RSA, + LTC_OID_DSA, + LTC_OID_EC, + LTC_OID_EC_PRIMEF, + LTC_OID_X25519, + LTC_OID_ED25519, }; /* diff --git a/src/pk/asn1/oid/pk_get_oid.c b/src/pk/asn1/oid/pk_get_oid.c index 618cc8011..b3e1ee26b 100644 --- a/src/pk/asn1/oid/pk_get_oid.c +++ b/src/pk/asn1/oid/pk_get_oid.c @@ -10,12 +10,12 @@ typedef struct { } oid_table_entry; static const oid_table_entry pka_oids[] = { - { PKA_RSA, "1.2.840.113549.1.1.1" }, - { PKA_DSA, "1.2.840.10040.4.1" }, - { PKA_EC, "1.2.840.10045.2.1" }, - { PKA_EC_PRIMEF, "1.2.840.10045.1.1" }, - { PKA_X25519, "1.3.101.110" }, - { PKA_ED25519, "1.3.101.112" }, + { LTC_OID_RSA, "1.2.840.113549.1.1.1" }, + { LTC_OID_DSA, "1.2.840.10040.4.1" }, + { LTC_OID_EC, "1.2.840.10045.2.1" }, + { LTC_OID_EC_PRIMEF, "1.2.840.10045.1.1" }, + { LTC_OID_X25519, "1.3.101.110" }, + { LTC_OID_ED25519, "1.3.101.112" }, }; /* diff --git a/src/pk/asn1/x509/x509_decode_public_key_from_certificate.c b/src/pk/asn1/x509/x509_decode_public_key_from_certificate.c index 238222625..feff868fa 100644 --- a/src/pk/asn1/x509/x509_decode_public_key_from_certificate.c +++ b/src/pk/asn1/x509/x509_decode_public_key_from_certificate.c @@ -81,7 +81,7 @@ int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned lo if ((l->type == LTC_ASN1_SEQUENCE) && (l->data != NULL) && LOOKS_LIKE_SPKI(l->child)) { - if (algorithm == PKA_EC) { + if (algorithm == LTC_OID_EC) { err = callback(l->data, l->size, ctx); } else { err = x509_decode_subject_public_key_info(l->data, l->size, diff --git a/src/pk/dsa/dsa_export.c b/src/pk/dsa/dsa_export.c index 8f22ab8a1..3550cbeca 100644 --- a/src/pk/dsa/dsa_export.c +++ b/src/pk/dsa/dsa_export.c @@ -75,7 +75,7 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, const dsa_ke LTC_SET_ASN1(int_list, 1, LTC_ASN1_INTEGER, key->q, 1UL); LTC_SET_ASN1(int_list, 2, LTC_ASN1_INTEGER, key->g, 1UL); - err = x509_encode_subject_public_key_info(out, outlen, PKA_DSA, tmp, + err = x509_encode_subject_public_key_info(out, outlen, LTC_OID_DSA, tmp, tmplen, LTC_ASN1_SEQUENCE, int_list, sizeof(int_list) / sizeof(int_list[0])); diff --git a/src/pk/dsa/dsa_import.c b/src/pk/dsa/dsa_import.c index a1d22818d..80914721c 100644 --- a/src/pk/dsa/dsa_import.c +++ b/src/pk/dsa/dsa_import.c @@ -97,7 +97,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) } len = 3; - err = x509_decode_subject_public_key_info(in, inlen, PKA_DSA, + err = x509_decode_subject_public_key_info(in, inlen, LTC_OID_DSA, tmpbuf, &tmpbuf_len, LTC_ASN1_SEQUENCE, params, &len); if (err != CRYPT_OK) { diff --git a/src/pk/ecc/ecc_export_openssl.c b/src/pk/ecc/ecc_export_openssl.c index ea884b6b7..2e8999680 100644 --- a/src/pk/ecc/ecc_export_openssl.c +++ b/src/pk/ecc/ecc_export_openssl.c @@ -70,7 +70,7 @@ int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, cons if (err != CRYPT_OK) { goto error; } /* we support only prime-field EC */ - if ((err = pk_get_oid(PKA_EC_PRIMEF, &OID)) != CRYPT_OK) { goto error; } + if ((err = pk_get_oid(LTC_OID_EC_PRIMEF, &OID)) != CRYPT_OK) { goto error; } /* http://tools.ietf.org/html/rfc3279 ECParameters ::= SEQUENCE { # SEQUENCE @@ -156,7 +156,7 @@ int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, cons subjectPublicKey BIT STRING # BIT STRING } */ - err = x509_encode_subject_public_key_info( out, outlen, PKA_EC, bin_xy, len_xy, + err = x509_encode_subject_public_key_info( out, outlen, LTC_OID_EC, bin_xy, len_xy, ecparams.type, ecparams.data, ecparams.size ); } diff --git a/src/pk/ecc/ecc_import_pkcs8.c b/src/pk/ecc/ecc_import_pkcs8.c index 0461db095..2f1929c62 100644 --- a/src/pk/ecc/ecc_import_pkcs8.c +++ b/src/pk/ecc/ecc_import_pkcs8.c @@ -56,7 +56,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, LTC_ARGCHK(ltc_mp.name != NULL); /* get EC alg oid */ - err = pk_get_oid(PKA_EC, &pka_ec_oid); + err = pk_get_oid(LTC_OID_EC, &pka_ec_oid); if (err != CRYPT_OK) return err; /* init key */ diff --git a/src/pk/ecc/ecc_import_x509.c b/src/pk/ecc/ecc_import_x509.c index 7d64c63f7..83b42fe85 100644 --- a/src/pk/ecc/ecc_import_x509.c +++ b/src/pk/ecc/ecc_import_x509.c @@ -15,7 +15,7 @@ static int s_ecc_import_x509_with_oid(const unsigned char *in, unsigned long inl len_xy = sizeof(bin_xy); len_oid = 16; - err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, + err = x509_decode_subject_public_key_info(in, inlen, LTC_OID_EC, bin_xy, &len_xy, LTC_ASN1_OBJECT_IDENTIFIER, (void *)curveoid, &len_oid); if (err == CRYPT_OK) { /* load curve parameters for given curve OID */ @@ -63,7 +63,7 @@ static int s_ecc_import_x509_with_curve(const unsigned char *in, unsigned long i /* try to load public key */ len_xy = sizeof(bin_xy); len = 6; - err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_SEQUENCE, seq_ecparams, &len); + err = x509_decode_subject_public_key_info(in, inlen, LTC_OID_EC, bin_xy, &len_xy, LTC_ASN1_SEQUENCE, seq_ecparams, &len); if (err == CRYPT_OK) { len_a = seq_curve[0].size; @@ -107,7 +107,7 @@ int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long in int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key) { return x509_decode_public_key_from_certificate(in, inlen, - PKA_EC, + LTC_OID_EC, LTC_ASN1_EOL, NULL, NULL, (public_key_decode_cb)ecc_import_subject_public_key_info, key); } diff --git a/src/pk/ed25519/ed25519_export.c b/src/pk/ed25519/ed25519_export.c index 36adfc9d6..2b710e58d 100644 --- a/src/pk/ed25519/ed25519_export.c +++ b/src/pk/ed25519/ed25519_export.c @@ -23,7 +23,7 @@ int ed25519_export( unsigned char *out, unsigned long *outlen, { LTC_ARGCHK(key != NULL); - if (key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; + if (key->algo != LTC_OID_ED25519) return CRYPT_PK_INVALID_TYPE; return ec25519_export(out, outlen, which, key); } diff --git a/src/pk/ed25519/ed25519_import.c b/src/pk/ed25519/ed25519_import.c index 9684e6fac..f197d59dc 100644 --- a/src/pk/ed25519/ed25519_import.c +++ b/src/pk/ed25519/ed25519_import.c @@ -25,9 +25,9 @@ int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key LTC_ARGCHK(key != NULL); key_len = sizeof(key->pub); - if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_ED25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { + if ((err = x509_decode_subject_public_key_info(in, inlen, LTC_OID_ED25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { key->type = PK_PUBLIC; - key->algo = PKA_ED25519; + key->algo = LTC_OID_ED25519; } return err; } diff --git a/src/pk/ed25519/ed25519_import_pkcs8.c b/src/pk/ed25519/ed25519_import_pkcs8.c index 3137c5128..71f12de49 100644 --- a/src/pk/ed25519/ed25519_import_pkcs8.c +++ b/src/pk/ed25519/ed25519_import_pkcs8.c @@ -22,7 +22,7 @@ int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, curve25519_key *key) { - return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_ED25519, tweetnacl_crypto_sk_to_pk, key); + return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, LTC_OID_ED25519, tweetnacl_crypto_sk_to_pk, key); } #endif diff --git a/src/pk/ed25519/ed25519_import_raw.c b/src/pk/ed25519/ed25519_import_raw.c index 0a11372b7..19955d134 100644 --- a/src/pk/ed25519/ed25519_import_raw.c +++ b/src/pk/ed25519/ed25519_import_raw.c @@ -32,7 +32,7 @@ int ed25519_import_raw(const unsigned char *in, unsigned long inlen, int which, } else { return CRYPT_INVALID_ARG; } - key->algo = PKA_ED25519; + key->algo = LTC_OID_ED25519; key->type = which; return CRYPT_OK; diff --git a/src/pk/ed25519/ed25519_import_x509.c b/src/pk/ed25519/ed25519_import_x509.c index 451c4704e..44978ac2e 100644 --- a/src/pk/ed25519/ed25519_import_x509.c +++ b/src/pk/ed25519/ed25519_import_x509.c @@ -31,13 +31,13 @@ int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519 LTC_ARGCHK(key != NULL); if ((err = x509_decode_public_key_from_certificate(in, inlen, - PKA_ED25519, + LTC_OID_ED25519, LTC_ASN1_EOL, NULL, NULL, (public_key_decode_cb)s_ed25519_decode, key)) != CRYPT_OK) { return err; } key->type = PK_PUBLIC; - key->algo = PKA_ED25519; + key->algo = LTC_OID_ED25519; return err; } diff --git a/src/pk/ed25519/ed25519_make_key.c b/src/pk/ed25519/ed25519_make_key.c index 5d81e5ac8..7cec1959d 100644 --- a/src/pk/ed25519/ed25519_make_key.c +++ b/src/pk/ed25519/ed25519_make_key.c @@ -28,7 +28,7 @@ int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key) } key->type = PK_PRIVATE; - key->algo = PKA_ED25519; + key->algo = LTC_OID_ED25519; return err; } diff --git a/src/pk/ed25519/ed25519_sign.c b/src/pk/ed25519/ed25519_sign.c index 86a4ea23d..f0f52fcaa 100644 --- a/src/pk/ed25519/ed25519_sign.c +++ b/src/pk/ed25519/ed25519_sign.c @@ -30,7 +30,7 @@ int ed25519_sign(const unsigned char *msg, unsigned long msglen, LTC_ARGCHK(siglen != NULL); LTC_ARGCHK(private_key != NULL); - if (private_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; + if (private_key->algo != LTC_OID_ED25519) return CRYPT_PK_INVALID_TYPE; if (private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; if (*siglen < 64uL) { diff --git a/src/pk/ed25519/ed25519_verify.c b/src/pk/ed25519/ed25519_verify.c index d2c30c2ca..4b633756c 100644 --- a/src/pk/ed25519/ed25519_verify.c +++ b/src/pk/ed25519/ed25519_verify.c @@ -34,7 +34,7 @@ int ed25519_verify(const unsigned char *msg, unsigned long msglen, *stat = 0; if (siglen != 64uL) return CRYPT_INVALID_ARG; - if (public_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; + if (public_key->algo != LTC_OID_ED25519) return CRYPT_PK_INVALID_TYPE; mlen = msglen + siglen; if ((mlen < msglen) || (mlen < siglen)) return CRYPT_OVERFLOW; diff --git a/src/pk/rsa/rsa_export.c b/src/pk/rsa/rsa_export.c index ac8fed222..225224d0b 100644 --- a/src/pk/rsa/rsa_export.c +++ b/src/pk/rsa/rsa_export.c @@ -78,7 +78,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, const rsa_ke } err = x509_encode_subject_public_key_info(out, outlen, - PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0); + LTC_OID_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0); finish: if (tmp != out) XFREE(tmp); diff --git a/src/pk/rsa/rsa_import.c b/src/pk/rsa/rsa_import.c index 5efb125e2..dd6715792 100644 --- a/src/pk/rsa/rsa_import.c +++ b/src/pk/rsa/rsa_import.c @@ -42,7 +42,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) len = 0; err = x509_decode_subject_public_key_info(in, inlen, - PKA_RSA, tmpbuf, &tmpbuf_len, + LTC_OID_RSA, tmpbuf, &tmpbuf_len, LTC_ASN1_NULL, NULL, &len); if (err == CRYPT_OK) { /* SubjectPublicKeyInfo format */ diff --git a/src/pk/rsa/rsa_import_pkcs8.c b/src/pk/rsa/rsa_import_pkcs8.c index 5d0bb6d2a..1e3e54de4 100644 --- a/src/pk/rsa/rsa_import_pkcs8.c +++ b/src/pk/rsa/rsa_import_pkcs8.c @@ -61,7 +61,7 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, LTC_ARGCHK(ltc_mp.name != NULL); /* get RSA alg oid */ - err = pk_get_oid(PKA_RSA, &rsaoid); + err = pk_get_oid(LTC_OID_RSA, &rsaoid); if (err != CRYPT_OK) { goto LBL_NOFREE; } /* alloc buffers */ diff --git a/src/pk/rsa/rsa_import_x509.c b/src/pk/rsa/rsa_import_x509.c index a66a26720..e921aae07 100644 --- a/src/pk/rsa/rsa_import_x509.c +++ b/src/pk/rsa/rsa_import_x509.c @@ -39,7 +39,7 @@ int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key) } if ((err = x509_decode_public_key_from_certificate(in, inlen, - PKA_RSA, LTC_ASN1_NULL, + LTC_OID_RSA, LTC_ASN1_NULL, NULL, NULL, (public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) { rsa_free(key); diff --git a/src/pk/x25519/x25519_export.c b/src/pk/x25519/x25519_export.c index c828512bb..0687c135f 100644 --- a/src/pk/x25519/x25519_export.c +++ b/src/pk/x25519/x25519_export.c @@ -23,7 +23,7 @@ int x25519_export( unsigned char *out, unsigned long *outlen, { LTC_ARGCHK(key != NULL); - if (key->algo != PKA_X25519) return CRYPT_PK_INVALID_TYPE; + if (key->algo != LTC_OID_X25519) return CRYPT_PK_INVALID_TYPE; return ec25519_export(out, outlen, which, key); } diff --git a/src/pk/x25519/x25519_import.c b/src/pk/x25519/x25519_import.c index ddbbd54bf..247885f93 100644 --- a/src/pk/x25519/x25519_import.c +++ b/src/pk/x25519/x25519_import.c @@ -25,9 +25,9 @@ int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key * LTC_ARGCHK(key != NULL); key_len = sizeof(key->pub); - if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_X25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { + if ((err = x509_decode_subject_public_key_info(in, inlen, LTC_OID_X25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { key->type = PK_PUBLIC; - key->algo = PKA_X25519; + key->algo = LTC_OID_X25519; } return err; } diff --git a/src/pk/x25519/x25519_import_pkcs8.c b/src/pk/x25519/x25519_import_pkcs8.c index 878df8cd4..8b577c311 100644 --- a/src/pk/x25519/x25519_import_pkcs8.c +++ b/src/pk/x25519/x25519_import_pkcs8.c @@ -22,7 +22,7 @@ int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, curve25519_key *key) { - return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_X25519, tweetnacl_crypto_scalarmult_base, key); + return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, LTC_OID_X25519, tweetnacl_crypto_scalarmult_base, key); } #endif diff --git a/src/pk/x25519/x25519_import_raw.c b/src/pk/x25519/x25519_import_raw.c index d118e3410..e86e8c6a2 100644 --- a/src/pk/x25519/x25519_import_raw.c +++ b/src/pk/x25519/x25519_import_raw.c @@ -32,7 +32,7 @@ int x25519_import_raw(const unsigned char *in, unsigned long inlen, int which, c } else { return CRYPT_INVALID_ARG; } - key->algo = PKA_X25519; + key->algo = LTC_OID_X25519; key->type = which; return CRYPT_OK; diff --git a/src/pk/x25519/x25519_import_x509.c b/src/pk/x25519/x25519_import_x509.c index 18e0b67d0..043b6ad98 100644 --- a/src/pk/x25519/x25519_import_x509.c +++ b/src/pk/x25519/x25519_import_x509.c @@ -31,13 +31,13 @@ int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_ LTC_ARGCHK(key != NULL); if ((err = x509_decode_public_key_from_certificate(in, inlen, - PKA_X25519, + LTC_OID_X25519, LTC_ASN1_EOL, NULL, NULL, (public_key_decode_cb)s_x25519_decode, key)) != CRYPT_OK) { return err; } key->type = PK_PUBLIC; - key->algo = PKA_X25519; + key->algo = LTC_OID_X25519; return err; } diff --git a/src/pk/x25519/x25519_make_key.c b/src/pk/x25519/x25519_make_key.c index 610eb96fb..40276fe9e 100644 --- a/src/pk/x25519/x25519_make_key.c +++ b/src/pk/x25519/x25519_make_key.c @@ -34,7 +34,7 @@ int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key) tweetnacl_crypto_scalarmult_base(key->pub, key->priv); key->type = PK_PRIVATE; - key->algo = PKA_X25519; + key->algo = LTC_OID_X25519; return err; } From ec27d57548fa3be1578dfa95526275bf688c98e5 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 26 Dec 2021 17:38:23 +0100 Subject: [PATCH 07/17] slightly improve base64 encoding * ensure base64 encode in&out buffers aren't the same * allow calling any of the encode functions with `out` being a NULL-pointer, to be able to determine the size for storing the output. Signed-off-by: Steffen Jaeckel --- src/misc/base64/base64_encode.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/misc/base64/base64_encode.c b/src/misc/base64/base64_encode.c index 4631fbd57..ef8aee907 100644 --- a/src/misc/base64/base64_encode.c +++ b/src/misc/base64/base64_encode.c @@ -37,8 +37,6 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long in unsigned long i, len2, leven, linelen; char *p; - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); linelen = (mode & ssh) ? 72 : 64; @@ -54,6 +52,14 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long in *outlen = len2 + 1; return CRYPT_BUFFER_OVERFLOW; } + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + + if ((void*)in == out) { + return CRYPT_INVALID_ARG; + } + p = out; leven = 3*(inlen / 3); for (i = 0; i < leven; i += 3) { From 8899c81601577cb36c8042900222220a5024c5ee Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 26 Dec 2021 18:38:58 +0100 Subject: [PATCH 08/17] continue looping on NOP Signed-off-by: Steffen Jaeckel --- tests/common.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/common.c b/tests/common.c index 1b4de1d07..9b80e9770 100644 --- a/tests/common.c +++ b/tests/common.c @@ -120,7 +120,7 @@ int test_process_dir(const char *path, void *ctx, dir_iter_cb process, dir_clean #if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1 fprintf(stderr, "%s: Skip: %s\n", test, fname); #endif - break; + goto continue_loop; } else if (err != CRYPT_OK) { #if defined(LTC_TEST_DBG) fprintf(stderr, "%s: Test %s failed (cause: %s).\n\n", test, fname, error_to_string(err)); @@ -133,6 +133,7 @@ int test_process_dir(const char *path, void *ctx, dir_iter_cb process, dir_clean cleanup(ctx); } +continue_loop: XFREE(buf); buf = NULL; fclose(f); From 3bf3dffabce12ef91ef63afdd1681f8238469887 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 28 Dec 2021 17:28:36 +0100 Subject: [PATCH 09/17] signal a potential overflow when decoding a `LTC_ASN1_SHORT_INTEGER` Signed-off-by: Steffen Jaeckel --- src/pk/asn1/der/short_integer/der_decode_short_integer.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/pk/asn1/der/short_integer/der_decode_short_integer.c b/src/pk/asn1/der/short_integer/der_decode_short_integer.c index e596e0725..e00702d15 100644 --- a/src/pk/asn1/der/short_integer/der_decode_short_integer.c +++ b/src/pk/asn1/der/short_integer/der_decode_short_integer.c @@ -42,6 +42,10 @@ int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsig return CRYPT_INVALID_PACKET; } + if (len > sizeof(unsigned long)) { + return CRYPT_OVERFLOW; + } + /* read number */ y = 0; while (len--) { From 4a1477e2898e80fb085dc2836d27f5900380b8bb Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 28 Dec 2021 18:04:40 +0100 Subject: [PATCH 10/17] add (private) `rsa_import_pkcs1()` Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_private.h | 1 + src/pk/rsa/rsa_import.c | 114 ++++++++++++++++++++------------- src/pk/rsa/rsa_import_pkcs8.c | 29 +++------ 3 files changed, 78 insertions(+), 66 deletions(-) diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index c5fc211c7..519b4d280 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -236,6 +236,7 @@ int rsa_init(rsa_key *key); void rsa_shrink_key(rsa_key *key); int rsa_make_key_bn_e(prng_state *prng, int wprng, int size, void *e, rsa_key *key); /* used by op-tee */ +int rsa_import_pkcs1(const unsigned char *in, unsigned long inlen, rsa_key *key); #endif /* LTC_MRSA */ /* ---- DH Routines ---- */ diff --git a/src/pk/rsa/rsa_import.c b/src/pk/rsa/rsa_import.c index dd6715792..1240a77e7 100644 --- a/src/pk/rsa/rsa_import.c +++ b/src/pk/rsa/rsa_import.c @@ -9,8 +9,74 @@ #ifdef LTC_MRSA + +/** + Import an RSAPublicKey or RSAPrivateKey as defined in PKCS #1 v2.1 [two-prime only] + + The `key` passed into this function has to be already initialized and will + NOT be free'd on error! + + @param in The packet to import from + @param inlen It's length (octets) + @param key [out] Destination for newly imported key + @return CRYPT_OK if successful +*/ +int rsa_import_pkcs1(const unsigned char *in, unsigned long inlen, rsa_key *key) +{ + int err; + unsigned long version = -1; + + err = der_decode_sequence_multi(in, inlen, LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_EOL, 0UL, NULL); + + if (err == CRYPT_OVERFLOW) { + /* the version would fit into an LTC_ASN1_SHORT_INTEGER + * so we try to decode as a public key + */ + if ((err = der_decode_sequence_multi(in, inlen, + LTC_ASN1_INTEGER, 1UL, key->N, + LTC_ASN1_INTEGER, 1UL, key->e, + LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) { + key->type = PK_PUBLIC; + } + goto LBL_OUT; + } else if (err != CRYPT_INPUT_TOO_LONG) { + /* couldn't decode the version, so error out */ + goto LBL_OUT; + } + + if (version == 0) { + /* it's a private key */ + if ((err = der_decode_sequence_multi(in, inlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_INTEGER, 1UL, key->N, + LTC_ASN1_INTEGER, 1UL, key->e, + LTC_ASN1_INTEGER, 1UL, key->d, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->dP, + LTC_ASN1_INTEGER, 1UL, key->dQ, + LTC_ASN1_INTEGER, 1UL, key->qP, + LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + goto LBL_OUT; + } + key->type = PK_PRIVATE; + } else if (version == 1) { + /* we don't support multi-prime RSA */ + err = CRYPT_PK_INVALID_TYPE; + goto LBL_OUT; + } + err = CRYPT_OK; +LBL_OUT: + return err; +} + /** - Import an RSAPublicKey or RSAPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1] + Import multiple formats of RSA public and private keys. + + RSAPublicKey or RSAPrivateKey as defined in PKCS #1 v2.1 [two-prime only] + SubjectPublicKeyInfo formatted public keys + @param in The packet to import from @param inlen It's length (octets) @param key [out] Destination for newly imported key @@ -19,7 +85,6 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) { int err; - void *zero; unsigned char *tmpbuf=NULL; unsigned long tmpbuf_len, len; @@ -60,50 +125,9 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) } /* not SSL public key, try to match against PKCS #1 standards */ - err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_EOL, 0UL, NULL); - - if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { - goto LBL_ERR; - } - - if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) { - if ((err = mp_init(&zero)) != CRYPT_OK) { - goto LBL_ERR; - } - /* it's a private key */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_INTEGER, 1UL, zero, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_INTEGER, 1UL, key->e, - LTC_ASN1_INTEGER, 1UL, key->d, - LTC_ASN1_INTEGER, 1UL, key->p, - LTC_ASN1_INTEGER, 1UL, key->q, - LTC_ASN1_INTEGER, 1UL, key->dP, - LTC_ASN1_INTEGER, 1UL, key->dQ, - LTC_ASN1_INTEGER, 1UL, key->qP, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - mp_clear(zero); - goto LBL_ERR; - } - mp_clear(zero); - key->type = PK_PRIVATE; - } else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) { - /* we don't support multi-prime RSA */ - err = CRYPT_PK_INVALID_TYPE; - goto LBL_ERR; - } else { - /* it's a public key and we lack e */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_INTEGER, 1UL, key->e, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - goto LBL_ERR; - } - key->type = PK_PUBLIC; + if ((err = rsa_import_pkcs1(in, inlen, key)) == CRYPT_OK) { + goto LBL_FREE; } - err = CRYPT_OK; - goto LBL_FREE; LBL_ERR: rsa_free(key); diff --git a/src/pk/rsa/rsa_import_pkcs8.c b/src/pk/rsa/rsa_import_pkcs8.c index 1e3e54de4..9e02585cf 100644 --- a/src/pk/rsa/rsa_import_pkcs8.c +++ b/src/pk/rsa/rsa_import_pkcs8.c @@ -46,10 +46,9 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, rsa_key *key) { int err; - void *zero, *iter; unsigned char *buf1 = NULL, *buf2 = NULL; unsigned long buf1len, buf2len; - unsigned long oid[16]; + unsigned long oid[16], version; const char *rsaoid; ltc_asn1_list alg_seq[2], top_seq[3]; ltc_asn1_list *l = NULL; @@ -72,9 +71,8 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, buf2 = XMALLOC(buf2len); if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; } - if ((err = mp_init_multi(&zero, &iter, NULL)) != CRYPT_OK) { goto LBL_FREE2; } /* init key */ - if ((err = rsa_init(key)) != CRYPT_OK) { goto LBL_FREE3; } + if ((err = rsa_init(key)) != CRYPT_OK) { goto LBL_FREE2; } /* try to decode encrypted priv key */ if ((err = pkcs8_decode_flexi(in, inlen, passwd, passwdlen, &l)) != CRYPT_OK) { @@ -86,7 +84,7 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, /* try to decode unencrypted priv key */ LTC_SET_ASN1(alg_seq, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, 16UL); LTC_SET_ASN1(alg_seq, 1, LTC_ASN1_NULL, NULL, 0UL); - LTC_SET_ASN1(top_seq, 0, LTC_ASN1_INTEGER, zero, 1UL); + LTC_SET_ASN1(top_seq, 0, LTC_ASN1_SHORT_INTEGER, &version, 1UL); LTC_SET_ASN1(top_seq, 1, LTC_ASN1_SEQUENCE, alg_seq, 2UL); LTC_SET_ASN1(top_seq, 2, LTC_ASN1_OCTET_STRING, buf1, buf1len); err=der_decode_sequence(decrypted, decryptedlen, top_seq, 3UL); @@ -97,28 +95,17 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, goto LBL_ERR; } - err = der_decode_sequence_multi(buf1, top_seq[2].size, - LTC_ASN1_INTEGER, 1UL, zero, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_INTEGER, 1UL, key->e, - LTC_ASN1_INTEGER, 1UL, key->d, - LTC_ASN1_INTEGER, 1UL, key->p, - LTC_ASN1_INTEGER, 1UL, key->q, - LTC_ASN1_INTEGER, 1UL, key->dP, - LTC_ASN1_INTEGER, 1UL, key->dQ, - LTC_ASN1_INTEGER, 1UL, key->qP, - LTC_ASN1_EOL, 0UL, NULL); - if (err != CRYPT_OK) { goto LBL_ERR; } + if ((err = rsa_import_pkcs1(buf1, top_seq[2].size, key)) != CRYPT_OK) { + goto LBL_ERR; + } key->type = PK_PRIVATE; err = CRYPT_OK; - goto LBL_FREE3; + goto LBL_FREE2; LBL_ERR: rsa_free(key); -LBL_FREE3: - mp_clear_multi(iter, zero, NULL); - if (l) der_free_sequence_flexi(l); LBL_FREE2: + if (l) der_free_sequence_flexi(l); XFREE(buf2); LBL_FREE1: XFREE(buf1); From c2f6c403fe083c142bb5dd028b64c4f6158ed3cb Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 14 Jan 2022 12:17:09 +0100 Subject: [PATCH 11/17] prevent UB This prevents incrementing `adata`, which can be a NULL pointer at this point. Fixes #583 Signed-off-by: Steffen Jaeckel --- src/encauth/gcm/gcm_add_aad.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/encauth/gcm/gcm_add_aad.c b/src/encauth/gcm/gcm_add_aad.c index 1e71639f7..5c3793ebb 100644 --- a/src/encauth/gcm/gcm_add_aad.c +++ b/src/encauth/gcm/gcm_add_aad.c @@ -83,7 +83,7 @@ int gcm_add_aad(gcm_state *gcm, x = 0; #ifdef LTC_FAST - if (gcm->buflen == 0) { + if (gcm->buflen == 0 && adatalen > 15) { for (x = 0; x < (adatalen & ~15); x += 16) { for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&adata[x + y])); From 10527031165e6b164e7005aa365eab76112888f7 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 14 Jan 2022 23:22:48 +0100 Subject: [PATCH 12/17] fix/improve DER tests Signed-off-by: Steffen Jaeckel --- tests/der_test.c | 64 +++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 52 insertions(+), 12 deletions(-) diff --git a/tests/der_test.c b/tests/der_test.c index 1ded3c2a8..720795992 100644 --- a/tests/der_test.c +++ b/tests/der_test.c @@ -229,19 +229,45 @@ SEQUENCE(3 elem) #define CHECK_ASN1_HAS_NO_DATA(l) CHECK_ASN1_HAS_NO(l, data) #ifdef LTC_DER_TESTS_PRINT_FLEXI + +static void* s_xmalloc(int l) +{ + void *r = XMALLOC(l); + +#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 3 + fprintf(stderr, "ALLOC %9d to %p\n", l, r); +#endif + if (!r) { + fprintf(stderr, "Could not allocate %d bytes of memory\n", l); + exit(EXIT_FAILURE); + } + return r; +} + +static void s_free(void *p) +{ +#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 3 + fprintf(stderr, "FREE %p\n", p); +#endif + XFREE(p); +} + static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) { - char buf[1024]; + char *buf = NULL; const char* name = NULL; const char* text = NULL; ltc_asn1_list* ostring = NULL; unsigned int n; + int slen; switch (l->type) { case LTC_ASN1_EOL: name = "EOL"; - snprintf(buf, sizeof(buf),__ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l)); + slen = snprintf(NULL, 0, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l)); + buf = s_xmalloc(slen); + slen = snprintf(buf, slen, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l)); text = buf; break; case LTC_ASN1_BOOLEAN: @@ -255,6 +281,7 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) break; case LTC_ASN1_INTEGER: name = "INTEGER"; + buf = s_xmalloc(((mp_get_digit_count(l->data) + 1) * ltc_mp.bits_per_digit) / 3); mp_toradix(l->data, buf, 10); text = buf; break; @@ -273,11 +300,10 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) */ if (der_decode_sequence_flexi(l->data, &ostring_l, &ostring) == CRYPT_OK) { text = ""; - } - else { + } else { int r; - char* s = buf; - int sz = sizeof(buf); + int sz = l->size * 2 + 1; + char* s = buf = s_xmalloc(sz); for (n = 0; n < l->size; ++n) { r = snprintf(s, sz, "%02X", ((unsigned char*)l->data)[n]); if (r < 0 || r >= sz) { @@ -298,7 +324,12 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) case LTC_ASN1_OBJECT_IDENTIFIER: name = "OBJECT IDENTIFIER"; { - unsigned long len = sizeof(buf); + unsigned long len = 0; + if (pk_oid_num_to_str(l->data, l->size, buf, &len) != CRYPT_BUFFER_OVERFLOW) { + fprintf(stderr, "%s WTF\n", name); + exit(EXIT_FAILURE); + } + buf = s_xmalloc(len); if (pk_oid_num_to_str(l->data, l->size, buf, &len) != CRYPT_OK) { fprintf(stderr, "%s boom\n", name); exit(EXIT_FAILURE); @@ -321,7 +352,9 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) name = "UTCTIME"; { ltc_utctime* ut = l->data; - snprintf(buf, sizeof(buf), "%02d-%02d-%02d %02d:%02d:%02d %c%02d:%02d", + slen = 32; + buf = s_xmalloc(slen); + snprintf(buf, slen, "%02d-%02d-%02d %02d:%02d:%02d %c%02d:%02d", ut->YY, ut->MM, ut->DD, ut->hh, ut->mm, ut->ss, ut->off_dir ? '-' : '+', ut->off_hh, ut->off_mm); text = buf; @@ -331,11 +364,13 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) name = "GENERALIZED TIME"; { ltc_generalizedtime* gt = l->data; + slen = 32; + buf = s_xmalloc(slen); if(gt->fs) - snprintf(buf, sizeof(buf), "%04d-%02d-%02d %02d:%02d:%02d.%02dZ", + snprintf(buf, slen, "%04d-%02d-%02d %02d:%02d:%02d.%02dZ", gt->YYYY, gt->MM, gt->DD, gt->hh, gt->mm, gt->ss, gt->fs); else - snprintf(buf, sizeof(buf), "%04d-%02d-%02d %02d:%02d:%02dZ", + snprintf(buf, slen, "%04d-%02d-%02d %02d:%02d:%02dZ", gt->YYYY, gt->MM, gt->DD, gt->hh, gt->mm, gt->ss); text = buf; } @@ -366,8 +401,8 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) name = "NON STANDARD"; { int r; - char* s = buf; - int sz = sizeof(buf); + int sz = 128; + char* s = buf = s_xmalloc(sz); r = snprintf(s, sz, "[%s %s %llu]", der_asn1_class_to_string_map[l->klass], der_asn1_pc_to_string_map[l->pc], l->tag); if (r < 0 || r >= sz) { @@ -394,6 +429,11 @@ static void s_der_tests_print_flexi(ltc_asn1_list* l, unsigned int level) else fprintf(stderr, "WTF type=%i\n", l->type); + if (buf) { + s_free(buf); + buf = NULL; + } + if (ostring) { s_der_tests_print_flexi(ostring, level + 1); der_free_sequence_flexi(ostring); From 5c30a53074acf0b2bc8d040050233822e270afbf Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 6 Jan 2022 03:33:55 +0100 Subject: [PATCH 13/17] improve `pk_oid_num_to_str()` * allow `OID` to be `NULL` until you want to write it ... * make sure we don't overflow the `int i` Signed-off-by: Steffen Jaeckel --- src/pk/asn1/oid/pk_oid_str.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/pk/asn1/oid/pk_oid_str.c b/src/pk/asn1/oid/pk_oid_str.c index aa889631c..bc21a6f57 100644 --- a/src/pk/asn1/oid/pk_oid_str.c +++ b/src/pk/asn1/oid/pk_oid_str.c @@ -49,7 +49,7 @@ int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, char tmp[256] = { 0 }; LTC_ARGCHK(oid != NULL); - LTC_ARGCHK(OID != NULL); + LTC_ARGCHK(oidlen < INT_MAX); LTC_ARGCHK(outlen != NULL); for (i = oidlen - 1, k = 0; i >= 0; i--) { @@ -74,6 +74,7 @@ int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, *outlen = k + 1; return CRYPT_BUFFER_OVERFLOW; } + LTC_ARGCHK(OID != NULL); for (j = 0; j < k; j++) OID[j] = tmp[k - j - 1]; OID[k] = '\0'; *outlen = k; /* the length without terminating NUL byte */ From cf58641c991476b9cb85c5a8a0a73a8c34a43315 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 3 Feb 2022 16:35:04 +0100 Subject: [PATCH 14/17] migrate from travis CI to GitHub actions Signed-off-by: Steffen Jaeckel --- .ci/coverage.sh | 6 +- .github/workflows/main.yml | 67 ++++++++++++++++++++++ .travis.yml | 111 ------------------------------------- makefile_include.mk | 2 +- 4 files changed, 71 insertions(+), 115 deletions(-) create mode 100644 .github/workflows/main.yml delete mode 100644 .travis.yml diff --git a/.ci/coverage.sh b/.ci/coverage.sh index 1fd429619..e8808f9b7 100755 --- a/.ci/coverage.sh +++ b/.ci/coverage.sh @@ -37,11 +37,11 @@ fi bash .ci/coverage_more.sh "$5" > test_coverage_more.txt || { rm -f testok.txt && exit 1 ; } make lcov-single -# if this isn't run on Travis CI create coverage locally -if [ "$TRAVIS" == "" ]; then +# if this isn't run on CI create coverage locally +if [ "$CI" == "" ]; then make lcov-html else - coveralls-lcov coverage.info + coveralls-lcov coverage.info --service-job-id="$GITHUB_RUN_ID" --service-name="github" --repo-token="$REPO_TOKEN" --branch="$GITHUB_REF_NAME" --service-pull-request="$PR_NUMBER" fi exit 0 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 000000000..f85054710 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,67 @@ +name: CI + +on: + push: + branches: + - master + - develop + - /^release\/.*$/ + pull_request: + branches: + - master + - develop + - /^release\/.*$/ + +jobs: + Build: + runs-on: ${{ matrix.os }} + strategy: + matrix: + cc: [ gcc, clang ] + os: [ ubuntu-18.04 ] + config: + - { BUILDNAME: 'META_BUILDS', BUILDOPTIONS: '-DGMP_DESC', BUILDSCRIPT: '.ci/meta_builds.sh' } + - { BUILDNAME: 'VALGRIND', BUILDOPTIONS: '', BUILDSCRIPT: '.ci/valgrind.sh' } + - { BUILDNAME: 'STOCK', BUILDOPTIONS: '', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'STOCK-MPI', BUILDOPTIONS: '-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'EASY', BUILDOPTIONS: '-DLTC_EASY', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'SMALL', BUILDOPTIONS: '-DLTC_SMALL_CODE', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'NOTABLES', BUILDOPTIONS: '-DLTC_NO_TABLES', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'SMALL+NOTABLES', BUILDOPTIONS: '-DLTC_SMALL_CODE -DLTC_NO_TABLES', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'NO_FAST', BUILDOPTIONS: '-DLTC_NO_FAST', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'NO_FAST+NOTABLES', BUILDOPTIONS: '-DLTC_NO_FAST -DLTC_NO_TABLES', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'NO_ASM', BUILDOPTIONS: '-DLTC_NO_ASM', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'NO_TIMING_RESISTANCE', BUILDOPTIONS: '-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'PTHREAD', BUILDOPTIONS: '-DLTC_PTHREAD', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'STOCK+ARGTYPE=1', BUILDOPTIONS: '-DARGTYPE=1', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'STOCK+ARGTYPE=2', BUILDOPTIONS: '-DARGTYPE=2', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'STOCK+ARGTYPE=3', BUILDOPTIONS: '-DARGTYPE=3', BUILDSCRIPT: '.ci/run.sh' } + - { BUILDNAME: 'STOCK+ARGTYPE=4', BUILDOPTIONS: '-DARGTYPE=4', BUILDSCRIPT: '.ci/run.sh' } + steps: + - uses: actions/checkout@v2 + - name: install dependencies + run: | + sudo apt-get update -qq + sudo apt-get install -y libtommath-dev libgmp-dev libtfm-dev valgrind libtool-bin clang-tools lcov + sudo gem install coveralls-lcov + curl -s https://packagecloud.io/install/repositories/libtom/packages/script.deb.sh | sudo bash + sudo apt-get install libtfm1=0.13-5ubuntu1 + - name: run tests + env: + CC: "${{ matrix.cc }}" + PR_NUMBER: ${{ github.event.number }} + REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + bash "${{ matrix.config.BUILDSCRIPT }}" "${{ matrix.config.BUILDNAME }}" "-DUSE_LTM -DLTM_DESC" "makefile V=1" "${{ matrix.config.BUILDOPTIONS }}" "-ltommath" + bash "${{ matrix.config.BUILDSCRIPT }}" "${{ matrix.config.BUILDNAME }}" "-DUSE_TFM -DTFM_DESC" "makefile.shared V=1" "${{ matrix.config.BUILDOPTIONS }}" "-ltfm" + - name: regular logs + if: ${{ !failure() }} + run: | + cat gcc_1.txt + cat gcc_2.txt + - name: error logs + if: ${{ failure() }} + run: | + cat test_std.txt + cat test_err.txt + cat tv.txt diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 2a22bd66b..000000000 --- a/.travis.yml +++ /dev/null @@ -1,111 +0,0 @@ -dist: bionic -sudo: required - -language: c - -before_install: - - sudo apt-get update -qq - - sudo apt-get install -y libtommath-dev libgmp-dev libtfm-dev valgrind libtool-bin - -before_script: - - gem install coveralls-lcov - - curl http://ftp.de.debian.org/debian/pool/main/l/lcov/lcov_1.11.orig.tar.gz | tar xz - - export PATH=$PATH:`pwd`/lcov-1.11/bin - - curl -s https://packagecloud.io/install/repositories/libtom/packages/script.deb.sh | sudo bash - - sudo apt-get install libtfm1=0.13-5ubuntu1 - -matrix: - fast_finish: true -branches: - only: - - master - - develop - - /^release\/.*$/ - -compiler: - - gcc - - clang -script: - - bash "${BUILDSCRIPT}" "${BUILDNAME}" "-DUSE_LTM -DLTM_DESC" "makefile V=1" "${BUILDOPTIONS}" "-ltommath" && - bash "${BUILDSCRIPT}" "${BUILDNAME}" "-DUSE_TFM -DTFM_DESC" "makefile.shared V=1" "${BUILDOPTIONS}" "-ltfm" -env: - - | - BUILDNAME="META_BUILDS" - BUILDOPTIONS="-DGMP_DESC" - BUILDSCRIPT=".ci/meta_builds.sh" - - | - BUILDNAME="VALGRIND" - BUILDOPTIONS=" " - BUILDSCRIPT=".ci/valgrind.sh" - - | - BUILDNAME="STOCK" - BUILDOPTIONS=" " - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="STOCK-MPI" - BUILDOPTIONS="-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="EASY" - BUILDOPTIONS="-DLTC_EASY" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="SMALL" - BUILDOPTIONS="-DLTC_SMALL_CODE" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="NOTABLES" - BUILDOPTIONS="-DLTC_NO_TABLES" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="SMALL+NOTABLES" - BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_NO_TABLES" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="NO_FAST" - BUILDOPTIONS="-DLTC_NO_FAST" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="NO_FAST+NOTABLES" - BUILDOPTIONS="-DLTC_NO_FAST -DLTC_NO_TABLES" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="NO_ASM" - BUILDOPTIONS="-DLTC_NO_ASM" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="NO_TIMING_RESISTANCE" - BUILDOPTIONS="-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="PTHREAD" - BUILDOPTIONS="-DLTC_PTHREAD" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="STOCK+ARGTYPE=1" - BUILDOPTIONS="-DARGTYPE=1" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="STOCK+ARGTYPE=2" - BUILDOPTIONS="-DARGTYPE=2" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="STOCK+ARGTYPE=3" - BUILDOPTIONS="-DARGTYPE=3" - BUILDSCRIPT=".ci/run.sh" - - | - BUILDNAME="STOCK+ARGTYPE=4" - BUILDOPTIONS="-DARGTYPE=4" - BUILDSCRIPT=".ci/run.sh" - -after_failure: - - cat test_std.txt - - cat test_err.txt - - cat tv.txt - -after_script: - - cat gcc_1.txt - - cat gcc_2.txt - -notifications: - irc: "chat.freenode.net#libtom-notifications" diff --git a/makefile_include.mk b/makefile_include.mk index a7864b01a..2fa3bac94 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -120,7 +120,7 @@ endif # LTC_SMALL ifneq ($(findstring clang,$(CC)),) LTC_CFLAGS += -Wno-typedef-redefinition -Wno-tautological-compare -Wno-builtin-requires-header -LTC_CFLAGS += -Wno-missing-field-initializers -Wno-missing-braces +LTC_CFLAGS += -Wno-missing-field-initializers -Wno-missing-braces -Wno-incomplete-setjmp-declaration endif ifneq ($(findstring mingw,$(CC)),) LTC_CFLAGS += -Wno-shadow -Wno-attributes From 7a8496df5cb2924fa02e8ac67df0d28f16420b98 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 3 Feb 2022 18:10:40 +0100 Subject: [PATCH 15/17] better debug output Signed-off-by: Steffen Jaeckel --- tests/der_test.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/tests/der_test.c b/tests/der_test.c index 720795992..312bdf983 100644 --- a/tests/der_test.c +++ b/tests/der_test.c @@ -1701,7 +1701,7 @@ int der_test(void) for (z = 0; z < 1024; z++) { #endif if (yarrow_read(buf[0], z, &yarrow_prng) != z) { - fprintf(stderr, "Failed to read %lu bytes from yarrow\n", z); + fprintf(stderr, "%d: Failed to read %lu bytes from yarrow\n", __LINE__, z); return 1; } DO(mp_read_unsigned_bin(a, buf[0], z)); @@ -1724,7 +1724,7 @@ int der_test(void) for (zz = 0; zz < 256; zz++) { for (z = 1; z < 4; z++) { if (yarrow_read(buf[2], z, &yarrow_prng) != z) { - fprintf(stderr, "Failed to read %lu bytes from yarrow\n", z); + fprintf(stderr, "%d: Failed to read %lu bytes from yarrow\n", __LINE__, z); return 1; } /* encode with normal */ @@ -1763,7 +1763,10 @@ int der_test(void) /* Test bit string */ for (zz = 1; zz < 1536; zz++) { - yarrow_read(buf[0], zz, &yarrow_prng); + if (yarrow_read(buf[0], zz, &yarrow_prng) != zz) { + fprintf(stderr, "%d: Failed to read %lu bytes from yarrow\n", __LINE__, zz); + return 1; + } for (z = 0; z < zz; z++) { buf[0][z] &= 0x01; } @@ -1785,7 +1788,10 @@ int der_test(void) /* Test octet string */ for (zz = 1; zz < 1536; zz++) { - yarrow_read(buf[0], zz, &yarrow_prng); + if (yarrow_read(buf[0], zz, &yarrow_prng) != zz) { + fprintf(stderr, "%d: Failed to read %lu bytes from yarrow\n", __LINE__, zz); + return 1; + } x = sizeof(buf[1]); DO(der_encode_octet_string(buf[0], zz, buf[1], &x)); DO(der_length_octet_string(zz, &y)); @@ -1823,7 +1829,10 @@ int der_test(void) /* do random strings */ for (zz = 0; zz < 5000; zz++) { /* pick a random number of words */ - yarrow_read(buf[0], 4, &yarrow_prng); + if (yarrow_read(buf[0], 4, &yarrow_prng) != 4) { + fprintf(stderr, "%d: Failed to read %d bytes from yarrow\n", __LINE__, 4); + return 1; + } LOAD32L(z, buf[0]); z = 2 + (z % ((sizeof(oid[0])/sizeof(oid[0][0])) - 2)); @@ -1832,7 +1841,10 @@ int der_test(void) oid[0][1] = buf[0][1] % 40; for (y = 2; y < z; y++) { - yarrow_read(buf[0], 4, &yarrow_prng); + if (yarrow_read(buf[0], 4, &yarrow_prng) != 4) { + fprintf(stderr, "%d: Failed to read %d bytes from yarrow\n", __LINE__, 4); + return 1; + } LOAD32L(oid[0][y], buf[0]); } From 31ab638fb65921694a72f0f8c3969e07cb0b5bcc Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 4 Feb 2022 15:34:22 +0100 Subject: [PATCH 16/17] silence valgrind When compiling with clang (9-12) and then running the tests in valgrind (I tested 3.13.0 and 3.15.0) the following error was created: ``` Conditional jump or move depends on uninitialised value(s) at 0x47761F: ecc_ssh_ecdsa_encode_name (ecc_ssh_ecdsa_encode_name.c:38) ... Uninitialised value was created by a stack allocation at 0x477570: ecc_ssh_ecdsa_encode_name (ecc_ssh_ecdsa_encode_name.c:21) ``` This silences this error by initialising the stack-array on creation. Signed-off-by: Steffen Jaeckel --- src/pk/ecc/ecc_ssh_ecdsa_encode_name.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c b/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c index 09c8d6432..4b8d55428 100644 --- a/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c +++ b/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c @@ -19,7 +19,7 @@ */ int ecc_ssh_ecdsa_encode_name(char *buffer, unsigned long *buflen, const ecc_key *key) { - char oidstr[64]; + char oidstr[64] = {0}; unsigned long oidlen = sizeof(oidstr); int err, size = 0; From c8e49539e6921a76b6b5948859881d8718968009 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 21 Dec 2020 16:15:07 +0100 Subject: [PATCH 17/17] add cipher Id to docs Signed-off-by: Steffen Jaeckel --- doc/crypt.tex | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/doc/crypt.tex b/doc/crypt.tex index 077e3b0d9..d0a90acac 100644 --- a/doc/crypt.tex +++ b/doc/crypt.tex @@ -604,30 +604,30 @@ \subsection{Simple Encryption Demonstration} \begin{figure}[hpbt] \begin{small} \begin{center} -\begin{tabular}{|c|c|c|c|c|c|} - \hline \textbf{Name} & \textbf{Descriptor Name} & \textbf{Block Size} & \textbf{Key Range} & \textbf{Rounds} \\ - \hline Blowfish & blowfish\_desc & 8 & 8 $\ldots$ 56 & 16 \\ - \hline X-Tea & xtea\_desc & 8 & 16 & 32 \\ - \hline RC2 & rc2\_desc & 8 & 5 $\ldots$ 128 & 16 \\ - \hline RC5-32/12/b & rc5\_desc & 8 & 8 $\ldots$ 128 & 12 $\ldots$ 24 \\ - \hline RC6-32/20/b & rc6\_desc & 16 & 8 $\ldots$ 128 & 20 \\ - \hline SAFER+ & saferp\_desc &16 & 16, 24, 32 & 8, 12, 16 \\ - \hline AES & aes\_desc & 16 & 16, 24, 32 & 10, 12, 14 \\ - & aes\_enc\_desc & 16 & 16, 24, 32 & 10, 12, 14 \\ - \hline Twofish & twofish\_desc & 16 & 16, 24, 32 & 16 \\ - \hline DES & des\_desc & 8 & 8 & 16 \\ - \hline 3DES (EDE mode) & des3\_desc & 8 & 16, 24 & 16 \\ - \hline CAST5 (CAST-128) & cast5\_desc & 8 & 5 $\ldots$ 16 & 12, 16 \\ - \hline Noekeon & noekeon\_desc & 16 & 16 & 16 \\ - \hline Skipjack & skipjack\_desc & 8 & 10 & 32 \\ - \hline Anubis & anubis\_desc & 16 & 16 $\ldots$ 40 & 12 $\ldots$ 18 \\ - \hline Khazad & khazad\_desc & 8 & 16 & 8 \\ - \hline SEED & kseed\_desc & 16 & 16 & 16 \\ - \hline KASUMI & kasumi\_desc & 8 & 16 & 8 \\ - \hline Camellia & camellia\_desc & 16 & 16, 24, 32 & 18, 24 \\ - \hline IDEA & idea\_desc & 8 & 16 & 8 \\ - \hline Serpent & serpent\_desc & 16 & 16, 24, 32 & 32 \\ - \hline TEA & tea\_desc & 8 & 16 & 32 \\ +\begin{tabular}{|c|c|c|c|c|c|c|} + \hline \textbf{Name} & \textbf{Descriptor Name} & \textbf{Block Size} & \textbf{Key Range} & \textbf{Rounds} & \textbf{Id} \\ + \hline Blowfish & blowfish\_desc & 8 & 8 $\ldots$ 56 & 16 & 0 \\ + \hline X-Tea & xtea\_desc & 8 & 16 & 32 & 1 \\ + \hline RC2 & rc2\_desc & 8 & 5 $\ldots$ 128 & 16 & 12 \\ + \hline RC5-32/12/b & rc5\_desc & 8 & 8 $\ldots$ 128 & 12 $\ldots$ 24 & 2 \\ + \hline RC6-32/20/b & rc6\_desc & 16 & 8 $\ldots$ 128 & 20 & 3 \\ + \hline SAFER+ & saferp\_desc &16 & 16, 24, 32 & 8, 12, 16 & 4 \\ + \hline AES & aes\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\ + & aes\_enc\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\ + \hline Twofish & twofish\_desc & 16 & 16, 24, 32 & 16 & 7 \\ + \hline DES & des\_desc & 8 & 8 & 16 & 13 \\ + \hline 3DES (EDE mode) & des3\_desc & 8 & 16, 24 & 16 & 14 \\ + \hline CAST5 (CAST-128) & cast5\_desc & 8 & 5 $\ldots$ 16 & 12, 16 & 15 \\ + \hline Noekeon & noekeon\_desc & 16 & 16 & 16 & 16 \\ + \hline Skipjack & skipjack\_desc & 8 & 10 & 32 & 17 \\ + \hline Anubis & anubis\_desc & 16 & 16 $\ldots$ 40 & 12 $\ldots$ 18 & 19 \\ + \hline Khazad & khazad\_desc & 8 & 16 & 8 & 18 \\ + \hline SEED & kseed\_desc & 16 & 16 & 16 & 20 \\ + \hline KASUMI & kasumi\_desc & 8 & 16 & 8 & 21 \\ + \hline Camellia & camellia\_desc & 16 & 16, 24, 32 & 18, 24 & 23 \\ + \hline IDEA & idea\_desc & 8 & 16 & 8 & 24 \\ + \hline Serpent & serpent\_desc & 16 & 16, 24, 32 & 32 & 25 \\ + \hline TEA & tea\_desc & 8 & 16 & 32 & 26 \\ \hline \end{tabular} \end{center}