Merge pull request #504 from libtom/minor-fixes

Minor fixes and improvements

.ci/meta_builds.sh

@@ -34,7 +34,7 @@ function run_gcc() {
 
    ASAN_OPTIONS=verbosity=1 ./test t ltm 1>test_std.txt 2> test_err.txt || exit 1
 
-   if echo $2 | grep -q GMP ; then
+   if echo $* | grep -q GMP ; then
       echo
       echo "Run ASAN tests with GMP..."
 
@@ -68,7 +68,7 @@ function run_clang() {
    echo "Run UBSAN tests with LTM..."
    UBSAN_OPTIONS=verbosity=1 ./test t ltm 1>test_std.txt 2> test_err.txt || exit 1
 
-   if echo $2 | grep -q GMP ; then
+   if echo $* | grep -q GMP ; then
       echo
       echo "Run UBSAN tests with GMP..."
 

.travis.yml

@@ -30,97 +30,97 @@ script:
     bash "${BUILDSCRIPT}" "${BUILDNAME}" "-DUSE_TFM -DTFM_DESC" "makefile.shared V=1" "${BUILDOPTIONS}" "-ltfm"
 env:
   - |
-    BUILDSCRIPT=".ci/meta_builds.sh"
     BUILDNAME="META_BUILDS"
     BUILDOPTIONS="-DGMP_DESC"
+    BUILDSCRIPT=".ci/meta_builds.sh"
   - |
-    BUILDSCRIPT=".ci/valgrind.sh"
     BUILDNAME="VALGRIND"
     BUILDOPTIONS=" "
+    BUILDSCRIPT=".ci/valgrind.sh"
   - |
-    BUILDSCRIPT=".ci/run.sh"
     BUILDNAME="STOCK"
     BUILDOPTIONS=" "
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK-MPI"
     BUILDOPTIONS="-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="EASY"
     BUILDOPTIONS="-DLTC_EASY"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="SMALL"
     BUILDOPTIONS="-DLTC_SMALL_CODE"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NOTABLES"
     BUILDOPTIONS="-DLTC_NO_TABLES"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="SMALL+NOTABLES"
     BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_NO_TABLES"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK"
     BUILDOPTIONS="-DLTC_CLEAN_STACK"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+SMALL"
     BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_CLEAN_STACK"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+NOTABLES"
     BUILDOPTIONS="-DLTC_NO_TABLES -DLTC_CLEAN_STACK"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+NOTABLES+SMALL"
     BUILDOPTIONS="-DLTC_NO_TABLES -DLTC_CLEAN_STACK -DLTC_SMALL_CODE"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_FAST"
     BUILDOPTIONS="-DLTC_NO_FAST"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_FAST+NOTABLES"
     BUILDOPTIONS="-DLTC_NO_FAST -DLTC_NO_TABLES"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_ASM"
     BUILDOPTIONS="-DLTC_NO_ASM"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_TIMING_RESISTANCE"
     BUILDOPTIONS="-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+LTC_FORTUNA_RESEED_RATELIMIT_STATIC"
     BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="PTHREAD"
     BUILDOPTIONS="-DLTC_PTHREAD"
-  - |
     BUILDSCRIPT=".ci/run.sh"
-    BUILDNAME="CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+LTC_FORTUNA_RESEED_RATELIMIT_STATIC+PTHREAD"
-    BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC -DLTC_PTHREAD"
   - |
+    BUILDNAME="PTHREAD+CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+LTC_FORTUNA_RESEED_RATELIMIT_STATIC"
+    BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC -DLTC_PTHREAD"
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=1"
     BUILDOPTIONS="-DARGTYPE=1"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=2"
     BUILDOPTIONS="-DARGTYPE=2"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=3"
     BUILDOPTIONS="-DARGTYPE=3"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=4"
     BUILDOPTIONS="-DARGTYPE=4"
+    BUILDSCRIPT=".ci/run.sh"
 
 after_failure:
   - cat test_std.txt

demos/demo_dynamic.py

@@ -245,15 +245,29 @@ class SHA256(object):
         LTC.sha256_done(byref(self.state), byref(md))
         return md.raw
 
+# - - - - - - - - - - - - -
+# a SHA256 app fragment
+
+if SHOW_SHA256_EXAMPLE:
+    print('-'*60)
+    data = b'hello world'               # we want bytes, not Unicode
+
+    sha256 = SHA256()
+    sha256.update(data)
+    md = sha256.digest()
+
+    template = '\n  the SHA256 digest for "%s" is %s \n'
+    print(template % (data, hexlify(md)))
+
 class ChaCha(object):
     def __init__(self, key, rounds):
         self.state   = c_buffer(_get_size(b'chacha_state'))
-        self.counter = c_int(1)
+        self.counter = c_uint(1)
         err = LTC.chacha_setup(byref(self.state), key, len(key), rounds)
         if err != CRYPT_OK:
             raise Exception('LTC.chacha_setup(), err = %d, "%s"' % (err, _err2str(err)))
     def set_iv32(self, iv):
-        err = LTC.chacha_ivctr32(byref(self.state), iv, len(iv), byref(self.counter))
+        err = LTC.chacha_ivctr32(byref(self.state), iv, len(iv), self.counter)
         if err != CRYPT_OK:
             raise Exception('LTC.chacha_ivctr32(), err = %d, "%s"' % (err, _err2str(err)))
     def crypt(self, datain):
@@ -263,20 +277,6 @@ class ChaCha(object):
             raise Exception('LTC.chacha_crypt(), err = %d, "%s"' % (err, _err2str(err)))
         return dataout.raw
 
-# - - - - - - - - - - - - -
-# a SHA256 app fragment
-
-if SHOW_SHA256_EXAMPLE:
-    print('-'*60)
-    data = b'hello world'               # we want bytes, not Unicode
-
-    sha256 = SHA256()
-    sha256.update(data)
-    md = sha256.digest()
-
-    template = '\n  the SHA256 digest for "%s" is %s \n'
-    print(template % (data, hexlify(md)))
-
 # - - - - - - - - - - - - -
 # a ChaCha app fragment
 

helper.pl

@@ -280,7 +280,7 @@ sub patch_file {
 
 sub version_from_tomcrypt_h {
   my $h = read_file(shift);
-  if ($h =~ /\n#define\s*SCRYPT\s*"([0-9]+)\.([0-9]+)\.([0-9]+)(.*)"/s) {
+  if ($h =~ /\n#define\s*SCRYPT\s*"([0-9]+)\.([0-9]+)\.([0-9]+)(\S*)"/s) {
     return "VERSION_PC=$1.$2.$3", "VERSION_LT=1:1", "VERSION=$1.$2.$3$4", "PROJECT_NUMBER=$1.$2.$3$4";
   }
   else {

makefile

@@ -5,6 +5,11 @@
 #
 #  (GNU make only)
 
+ifeq ($V,0)
+silent_echo= > /dev/null
+else
+silent_echo=
+endif
 ifeq ($V,1)
 silent=
 silent_stdout=
@@ -42,29 +47,29 @@ LTC_EXTRALIBS += $(EXTRALIBS)
 #AES comes in two flavours... enc+dec and enc
 src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
 ifneq ($V,1)
-	@echo "   * ${CC} $@"
+	@echo "   * ${CC} $@" ${silent_echo}
 endif
 	${silent} ${CC} ${LTC_CFLAGS} -DENCRYPT_ONLY -c $< -o $@
 
 .c.o:
 ifneq ($V,1)
-	@echo "   * ${CC} $@"
+	@echo "   * ${CC} $@" ${silent_echo}
 endif
 	${silent} ${CC} ${LTC_CFLAGS} -c $< -o $@
 
 $(LIBNAME): $(OBJECTS)
 ifneq ($V,1)
-	@echo "   * ${AR} $@"
+	@echo "   * ${AR} $@" ${silent_echo}
 endif
 	${silent} $(AR) $(ARFLAGS) $@ $(OBJECTS)
 ifneq ($V,1)
-	@echo "   * ${RANLIB} $@"
+	@echo "   * ${RANLIB} $@" ${silent_echo}
 endif
 	${silent} $(RANLIB) $@
 
 test: $(call print-help,test,Builds the library and the 'test' application to run all self-tests) $(LIBNAME) $(TOBJECTS)
 ifneq ($V,1)
-	@echo "   * ${CC} $@"
+	@echo "   * ${CC} $@" ${silent_echo}
 endif
 	${silent} $(CC) $(LTC_LDFLAGS) $(TOBJECTS) $(LIB_PRE) $(LIBNAME) $(LIB_POST) $(LTC_EXTRALIBS) -o $(TEST)
 
@@ -72,7 +77,7 @@ endif
 define DEMO_template
 $(1): $(call print-help,$(1),Builds the library and the '$(1)' demo) demos/$(1).o $$(LIBNAME)
 ifneq ($V,1)
-	@echo "   * $${CC} $$@"
+	@echo "   * $${CC} $$@" ${silent_echo}
 endif
 	$${silent} $$(CC) $$(LTC_LDFLAGS) $$< $$(LIB_PRE) $$(LIBNAME) $$(LIB_POST) $$(LTC_EXTRALIBS) -o $(1)
 endef

src/ciphers/anubis.c

@@ -1131,6 +1131,11 @@ int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetr
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
+
+   if (skey->anubis.R < 12 || skey->anubis.R > 18) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R);
    return CRYPT_OK;
 }
@@ -1147,6 +1152,11 @@ int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetr
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
+
+   if (skey->anubis.R < 12 || skey->anubis.R > 18) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R);
    return CRYPT_OK;
 }

src/ciphers/rc5.c

@@ -136,6 +136,10 @@ int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
 
+   if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) {
+      return CRYPT_INVALID_ROUNDS;
+   }
+
    LOAD32L(A, &pt[0]);
    LOAD32L(B, &pt[4]);
    A += skey->rc5.K[0];
@@ -192,6 +196,10 @@ int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
 
+   if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) {
+      return CRYPT_INVALID_ROUNDS;
+   }
+
    LOAD32L(A, &ct[0]);
    LOAD32L(B, &ct[4]);
    K = skey->rc5.K + (skey->rc5.rounds << 1);

src/ciphers/safer/saferp.c

@@ -347,6 +347,10 @@ int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetr
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
 
+   if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    /* do eight rounds */
    for (x = 0; x < 16; x++) {
        b[x] = pt[x];
@@ -411,6 +415,10 @@ int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetr
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
 
+   if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    /* do eight rounds */
    b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0];
    b[1] = (ct[1] - skey->saferp.K[skey->saferp.rounds*2][1]) & 255;

src/encauth/gcm/gcm_gf_mult.c

@@ -13,7 +13,7 @@
 */
 #include "tomcrypt_private.h"
 
-#if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST))
+#if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || (defined(LTC_GCM_MODE) && defined(LTC_FAST))
 
 /* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format.  Since only the
  * lower 16 bits are not zero'ed I removed the upper 14 bytes */

src/headers/tomcrypt.h

@@ -19,7 +19,7 @@
 #include <limits.h>
 
 /* use configuration data */
-#include <tomcrypt_custom.h>
+#include "tomcrypt_custom.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -81,17 +81,17 @@ enum {
    CRYPT_HASH_OVERFLOW      /* Hash applied to too many bits */
 };
 
-#include <tomcrypt_cfg.h>
-#include <tomcrypt_macros.h>
-#include <tomcrypt_cipher.h>
-#include <tomcrypt_hash.h>
-#include <tomcrypt_mac.h>
-#include <tomcrypt_prng.h>
-#include <tomcrypt_pk.h>
-#include <tomcrypt_math.h>
-#include <tomcrypt_misc.h>
-#include <tomcrypt_argchk.h>
-#include <tomcrypt_pkcs.h>
+#include "tomcrypt_cfg.h"
+#include "tomcrypt_macros.h"
+#include "tomcrypt_cipher.h"
+#include "tomcrypt_hash.h"
+#include "tomcrypt_mac.h"
+#include "tomcrypt_prng.h"
+#include "tomcrypt_pk.h"
+#include "tomcrypt_math.h"
+#include "tomcrypt_misc.h"
+#include "tomcrypt_argchk.h"
+#include "tomcrypt_pkcs.h"
 
 #ifdef __cplusplus
    }

src/headers/tomcrypt_cfg.h

@@ -294,15 +294,21 @@ typedef unsigned long ltc_mp_digit;
    #define LTC_HAVE_ROTATE_BUILTIN
 #endif
 
-#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301)
-   #define LTC_DEPRECATED __attribute__((deprecated))
+#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)
+#  define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s)))
+#  define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s)
+#  define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s)
+#elif defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301)
+#  define LTC_DEPRECATED(s) __attribute__((deprecated))
+#  define LTC_DEPRECATED_PRAGMA(s)
 #elif defined(_MSC_VER) && _MSC_VER >= 1500
    /* supported since Visual Studio 2008 */
-   #define LTC_DEPRECATED __declspec(deprecated)
+#  define LTC_DEPRECATED(s) __declspec(deprecated("replaced by " #s))
+#  define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s))
 #else
-   #define LTC_DEPRECATED
+#  define LTC_DEPRECATED(s)
+#  define LTC_DEPRECATED_PRAGMA(s)
 #endif
-
 /* ref:         $Format:%D$ */
 /* git commit:  $Format:%H$ */
 /* commit time: $Format:%ai$ */

src/headers/tomcrypt_misc.h

@@ -102,13 +102,13 @@ int crypt_get_size(const char* namein, unsigned int *sizeout);
 int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size);
 
 #ifdef LTM_DESC
-LTC_DEPRECATED void init_LTM(void);
+LTC_DEPRECATED(crypt_mp_init) void init_LTM(void);
 #endif
 #ifdef TFM_DESC
-LTC_DEPRECATED void init_TFM(void);
+LTC_DEPRECATED(crypt_mp_init) void init_TFM(void);
 #endif
 #ifdef GMP_DESC
-LTC_DEPRECATED void init_GMP(void);
+LTC_DEPRECATED(crypt_mp_init) void init_GMP(void);
 #endif
 int crypt_mp_init(const char* mpi);
 

src/math/ltm_desc.c

@@ -20,6 +20,9 @@ static const struct {
    { MP_OKAY ,  CRYPT_OK},
    { MP_MEM  ,  CRYPT_MEM},
    { MP_VAL  ,  CRYPT_INVALID_ARG},
+#if defined(MP_ITER) || defined(MP_USE_ENUMS)
+   { MP_ITER ,  CRYPT_INVALID_PACKET},
+#endif
 };
 
 /**
@@ -39,17 +42,27 @@ static int mpi_to_ltc_error(int err)
    return CRYPT_ERROR;
 }
 
-static int init(void **a)
+static int init_mpi(void **a)
 {
-   int err;
-
    LTC_ARGCHK(a != NULL);
 
    *a = XCALLOC(1, sizeof(mp_int));
    if (*a == NULL) {
       return CRYPT_MEM;
+   } else {
+      return CRYPT_OK;
    }
+}
+
+static int init(void **a)
+{
+   int err;
 
+   LTC_ARGCHK(a != NULL);
+
+   if ((err = init_mpi(a)) != CRYPT_OK) {
+      return err;
+   }
    if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) {
       XFREE(*a);
    }
@@ -79,10 +92,11 @@ static int copy(void *a, void *b)
 
 static int init_copy(void **a, void *b)
 {
-   if (init(a) != CRYPT_OK) {
-      return CRYPT_MEM;
-   }
-   return copy(b, *a);
+   int err;
+   LTC_ARGCHK(a  != NULL);
+   LTC_ARGCHK(b  != NULL);
+   if ((err = init_mpi(a)) != CRYPT_OK) return err;
+   return mpi_to_ltc_error(mp_init_copy(*a, b));
 }
 
 /* ---- trivial ---- */
@@ -184,7 +198,11 @@ static int write_radix(void *a, char *b, int radix)
 {
    LTC_ARGCHK(a != NULL);
    LTC_ARGCHK(b != NULL);
+#ifdef BN_MP_TORADIX_C
    return mpi_to_ltc_error(mp_toradix(a, b, radix));
+#else
+   return mpi_to_ltc_error(mp_to_radix(a, b, SIZE_MAX, radix));
+#endif
 }
 
 /* get size as unsigned char string */

tests/der_test.c

@@ -1364,9 +1364,15 @@ static void _der_regression_test(void)
      0x20,0x74,0x72,0x91,0xdd,0x2f,0x3f,0x44,0xaf,0x7a,0xce,0x68,0xea,0x33,0x43,0x1d,0x6f,0x94,0xe4,
      0x18,0xc1,0x06,0xa6,0xe7,0x62,0x85,0xcd,0x59,0xf4,0x32,0x60,0xec,0xce,0x00,0x00
    };
+   static const unsigned char issue_507[] = "\x30\x04"           /* Start DER-sequence of length 4 */
+                                            "\x0c\x02\xbf\xbf"   /* Start UTF8 string of actual length 2 and evaluated length 3 */
+                                            "\xaa"               /* One byte padding */
+                                            "\x04\x82\xff\xff";  /* Start OCTET sequence of length 0xffff */
+                                                                 /* (this will include the adjacent data into the decoded certificate) */
    unsigned long len;
    void *x, *y;
    ltc_asn1_list seq[2];
+   ltc_asn1_list *l;
    mp_init_multi(&x, &y, NULL);
    LTC_SET_ASN1(seq, 0, LTC_ASN1_INTEGER, x, 1UL);
    LTC_SET_ASN1(seq, 1, LTC_ASN1_INTEGER, y, 1UL);
@@ -1381,6 +1387,9 @@ static void _der_regression_test(void)
    mp_cleanup_multi(&y, &x, NULL);
    len = sizeof(_addtl_bytes);
    _der_decode_print(_addtl_bytes, &len);
+
+   len = sizeof(issue_507);
+   SHOULD_FAIL(der_decode_sequence_flexi(issue_507, &len, &l));
 }
 
 static void der_toolong_test(void)