From e68d846429c36e6e1b33dfae3034e97c32564695 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 23 Jun 2017 07:57:47 +0200
Subject: [PATCH 1/9] hopefully finally fix usage of $(DESTDIR)

This closes #232
---
 makefile.shared | 4 ++--
 makefile.unix | 16 ++++++++--------
 makefile_include.mk | 16 ++++++++--------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/makefile.shared b/makefile.shared
index e4fc103..3efde7b 100644
--- a/makefile.shared
+++ b/makefile.shared
@@ -47,8 +47,8 @@ $(LIBNAME): $(OBJECTS)
 install: .common_install
 sed -e 's,^prefix=.*,prefix=$(PREFIX),' -e 's,^Version:.*,Version: $(VERSION),' libtomcrypt.pc.in > libtomcrypt.pc
- install -d $(DESTDIR)/$(LIBPATH)/pkgconfig
- install -m 644 libtomcrypt.pc $(DESTDIR)/$(LIBPATH)/pkgconfig/
+ install -d $(DESTDIR)$(LIBPATH)/pkgconfig
+ install -m 644 libtomcrypt.pc $(DESTDIR)$(LIBPATH)/pkgconfig/
 install_bins: .common_install_bins
diff --git a/makefile.unix b/makefile.unix
index d3ccc72..b519cc6 100644
--- a/makefile.unix
+++ b/makefile.unix
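Review bot: `$(DESTDIR)$(LIBPATH)/pkgconfig` in the two added `install` lines is only a correct path when LIBPATH is absolute, which is the GNU DESTDIR convention but is stated nowhere in this hunk; the same holds for INCPATH, BINPATH and DATAPATH in the makefile.unix and makefile_include.mk hunks of this patch. With a relative LIBPATH the new form silently yields `$(DESTDIR)lib` where the old form gave `$(DESTDIR)/lib`, so the contract is worth one line above the target, e.g. `# DESTDIR is prepended verbatim (GNU convention): LIBPATH/INCPATH/BINPATH/DATAPATH must be absolute paths`. Whether the defaults of these variables are absolute is not visible here.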
@@ -272,17 +272,17 @@ clean:
 #Install the library + headers
 install: $(LIBMAIN_S) $(HEADERS)
- @mkdir -p $(DESTDIR)/$(INCPATH) $(DESTDIR)/$(LIBPATH)/pkgconfig
- @cp $(LIBMAIN_S) $(DESTDIR)/$(LIBPATH)/
- @cp $(HEADERS) $(DESTDIR)/$(INCPATH)/
- @sed -e 's,^prefix=.*,prefix=$(PREFIX),' -e 's,^Version:.*,Version: $(VERSION),' libtomcrypt.pc.in > $(DESTDIR)/$(LIBPATH)/pkgconfig/libtomcrypt.pc
+ @mkdir -p $(DESTDIR)$(INCPATH) $(DESTDIR)$(LIBPATH)/pkgconfig
+ @cp $(LIBMAIN_S) $(DESTDIR)$(LIBPATH)/
+ @cp $(HEADERS) $(DESTDIR)$(INCPATH)/
+ @sed -e 's,^prefix=.*,prefix=$(PREFIX),' -e 's,^Version:.*,Version: $(VERSION),' libtomcrypt.pc.in > $(DESTDIR)$(LIBPATH)/pkgconfig/libtomcrypt.pc
 #Install useful tools
 install_bins: hashsum
- @mkdir -p $(DESTDIR)/$(BINPATH)
- @cp hashsum $(DESTDIR)/$(BINPATH)/
+ @mkdir -p $(DESTDIR)$(BINPATH)
+ @cp hashsum $(DESTDIR)$(BINPATH)/
 #Install documentation
 install_docs: doc/crypt.pdf
- @mkdir -p $(DESTDIR)/$(DATAPATH)
- @cp doc/crypt.pdf $(DESTDIR)/$(DATAPATH)/
+ @mkdir -p $(DESTDIR)$(DATAPATH)
+ @cp doc/crypt.pdf $(DESTDIR)$(DATAPATH)/
diff --git a/makefile_include.mk b/makefile_include.mk
index 6d13009..4fe3fd2 100644
--- a/makefile_include.mk
+++ b/makefile_include.mk
@@ -362,18 +362,18 @@ install_all: install install_bins install_docs install_test
 INSTALL_OPTS ?= -m 644
 .common_install: $(LIBNAME)
- install -d $(DESTDIR)/$(INCPATH)
- install -d $(DESTDIR)/$(LIBPATH)
- $(INSTALL_CMD) $(INSTALL_OPTS) $(LIBNAME) $(DESTDIR)/$(LIBPATH)/$(LIBNAME)
- install -m 644 $(HEADERS) $(DESTDIR)/$(INCPATH)
+ install -d $(DESTDIR)$(INCPATH)
+ install -d $(DESTDIR)$(LIBPATH)
+ $(INSTALL_CMD) $(INSTALL_OPTS) $(LIBNAME) $(DESTDIR)$(LIBPATH)/$(LIBNAME)
+ install -m 644 $(HEADERS) $(DESTDIR)$(INCPATH)
 .common_install_bins: $(USEFUL_DEMOS)
- install -d $(BINPATH)
- $(INSTALL_CMD) -m 775 $(USEFUL_DEMOS) $(DESTDIR)/$(BINPATH)
+ install -d $(DESTDIR)$(BINPATH)
+ $(INSTALL_CMD) -m 775 $(USEFUL_DEMOS) $(DESTDIR)$(BINPATH)
 install_docs: doc/crypt.pdf
- install -d $(DATAPATH)
- install -m 644 doc/crypt.pdf $(DESTDIR)/$(DATAPATH)
+ install -d $(DESTDIR)$(DATAPATH)
+ install -m 644 doc/crypt.pdf $(DESTDIR)$(DATAPATH)
 install_hooks:
 for s in `ls hooks/`; do ln -s ../../hooks/$$s .git/hooks/$$s; done

From c15d656a232fc605d2b9f4475d774bae7addfd35 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 23 Jun 2017 09:08:42 +0200
Subject: [PATCH 2/9] crypt{,.exe} is now ltcrypt{,.exe}

---
 makefile.unix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/makefile.unix b/makefile.unix
index b519cc6..9aab93b 100644
--- a/makefile.unix
+++ b/makefile.unix
@@ -267,8 +267,8 @@ clean:
 -@rm -f $(OBJECTS) $(TOBJECTS)
 -@rm -f $(LIBMAIN_S)
 -@rm -f demos/*.o *_tv.txt
- -@rm -f test tv_gen hashsum crypt small timing
- -@rm -f test.exe tv_gen.exe hashsum.exe crypt.exe small.exe timing.exe
+ -@rm -f test tv_gen hashsum ltcrypt small timing
+ -@rm -f test.exe tv_gen.exe hashsum.exe ltcrypt.exe small.exe timing.exe
 #Install the library + headers
 install: $(LIBMAIN_S) $(HEADERS)

From a80d3c00a882f59fe9e129e8966a84f139a411be Mon Sep 17 00:00:00 2001
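Review bot: The rewritten `.common_install_bins` line still installs the demo binaries with `-m 775`, which leaves every file under `$(DESTDIR)$(BINPATH)` group-writable; any member of the owning group can then replace an executable that other users run. Unless that group is deliberately trusted, `-m 755` is the conventional mode and matches the read-only `-m 644` this hunk uses for the library and headers: `$(INSTALL_CMD) -m 755 $(USEFUL_DEMOS) $(DESTDIR)$(BINPATH)`. The `install -d $(DESTDIR)$(BINPATH)` fix on the line above it is the part the commit addresses; the mode predates it.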
From: Steffen Jaeckel
Date: Thu, 22 Jun 2017 17:05:40 +0200
Subject: [PATCH 3/9] no need for DH_BUF_SIZE

---
 src/headers/tomcrypt_pk.h | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h
index 1ff657d..557c990 100644
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@@ -183,10 +183,6 @@ int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key);
 /* ---- DH Routines ---- */
 #ifdef LTC_MDH
-#ifndef DH_BUF_SIZE
-#define DH_BUF_SIZE 2100
-#endif
-
 typedef struct {
 int size;
 char *name, *base, *prime;

From 3cfb2a5e2e1d6fe5e183d5ce3f9f2c3cc7593739 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 23 Jun 2017 14:14:05 +0200
Subject: [PATCH 4/9] hide some of the 'new since 1.17' internal functions

---
 src/headers/tomcrypt_mac.h | 2 ++
 src/headers/tomcrypt_pk.h | 17 ++++++++++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/headers/tomcrypt_mac.h b/src/headers/tomcrypt_mac.h
index d2e5dfb..94d4a14 100644
--- a/src/headers/tomcrypt_mac.h
+++ b/src/headers/tomcrypt_mac.h
@@ -299,11 +299,13 @@ int ocb3_decrypt_verify_memory(int cipher,
 int ocb3_test(void);
+#ifdef LTC_SOURCE
 /* internal helper functions */
 int ocb3_int_aad_add_block(ocb3_state *ocb, const unsigned char *aad_block);
 void ocb3_int_calc_offset_zero(ocb3_state *ocb, const unsigned char *nonce, unsigned long noncelen);
 int ocb3_int_ntz(unsigned long x);
 void ocb3_int_xor_blocks(unsigned char *out, const unsigned char *block_a, const unsigned char *block_b, unsigned long block_len);
+#endif /* LTC_SOURCE */
 #endif /* LTC_OCB3_MODE */
diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h
index 557c990..392268b 100644
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
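Review bot: Wrapping the ocb3_int_* prototypes in `#ifdef LTC_SOURCE` removes them from the public header but does not change their linkage, so they stay exported symbols of the built library and an external caller can still declare and call them; the same applies to the rand_bn_*, pk_get_oid, der_*_subject_public_key_info, der_teletex_* and der_utf8_valid_char prototypes guarded in the tomcrypt_pk.h hunks of this patch. If the goal is to make these unreachable rather than merely undocumented, they also need internal linkage, a visibility attribute or a linker version script; whether the build already has such a mechanism is not visible here. Either way the guard's meaning should be spelled out once, e.g. `/* internal helper functions: no API/ABI stability, compiled-in only for the library's own sources (LTC_SOURCE) */`.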
@@ -21,6 +21,9 @@ enum {
 #define PK_MAX_RETRIES 20
 int rand_prime(void *N, long len, prng_state *prng, int wprng);
+
+#ifdef LTC_SOURCE
+/* internal helper functions */
 int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng);
 int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);
@@ -36,6 +39,7 @@ typedef struct Oid {
 } oid_st;
 int pk_get_oid(int pk, oid_st *st);
+#endif /* LTC_SOURCE */
 /* ---- RSA ---- */
 #ifdef LTC_MRSA
@@ -211,7 +215,7 @@ int dh_shared_secret(dh_key *private_key, dh_key *public_key,
 unsigned char *out, unsigned long *outlen);
 #ifdef LTC_SOURCE
-/* INTERNAL ONLY - it should be later moved to src/headers/tomcrypt_internal.h */
+/* internal helper functions */
 int dh_check_pubkey(dh_key *key);
 #endif
@@ -524,6 +528,9 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
 unsigned long *outlen);
+
+#ifdef LTC_SOURCE
+/* internal helper functions */
 /* SUBJECT PUBLIC KEY INFO */
 int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen,
 unsigned int algorithm, void* public_key, unsigned long public_key_len,
@@ -532,6 +539,7 @@ int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen
 int der_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen,
 unsigned int algorithm, void* public_key, unsigned long* public_key_len,
 unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len);
+#endif /* LTC_SOURCE */
 /* SET */
 #define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0)
@@ -609,8 +617,12 @@ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen,
 unsigned char *out, unsigned long *outlen);
 int der_length_teletex_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen);
+#ifdef LTC_SOURCE
+/* internal helper functions */
 int der_teletex_char_encode(int c);
 int der_teletex_value_decode(int v);
+#endif /* LTC_SOURCE */
+
 /* PRINTABLE STRING */
 int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
@@ -642,7 +654,10 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen,
 int der_decode_utf8_string(const unsigned char *in, unsigned long inlen,
 wchar_t *out, unsigned long *outlen);
 unsigned long der_utf8_charsize(const wchar_t c);
+#ifdef LTC_SOURCE
+/* internal helper functions */
 int der_utf8_valid_char(const wchar_t c);
+#endif /* LTC_SOURCE */
 int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen);

From 907d5301ee8200a79c39a3594521d1b81e046306 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 23 Jun 2017 16:46:31 +0200
Subject: [PATCH 5/9] update coverity build script to use makefile.unix

it seems like the regular makefile is somehow broken...
---
 coverity.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/coverity.sh b/coverity.sh
index 0c91938..8f30596 100755
--- a/coverity.sh
+++ b/coverity.sh
@@ -16,7 +16,7 @@ myCflags=""
 myCflags="$myCflags -O2 ${2}"
 myCflags="$myCflags -pipe -Werror -Wpointer-arith -Winit-self -Wextra -Wall -Wformat -Wformat-security"
-CFLAGS="$myCflags" cov-build --dir cov-int make -f makefile -j3 IGNORE_SPEED=1 1>gcc_1.txt
+CFLAGS="$myCflags" cov-build --dir cov-int make -f makefile.unix $MAKE_OPTS IGNORE_SPEED=1 1>gcc_1.txt
 if [ $? -ne 0 ]
 then

From af38b1830eef6f56586c22e15800a2a3f1d37d47 Mon Sep 17 00:00:00 2001
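Review bot: The new cov-build line expands `$MAKE_OPTS`, which is neither defined nor defaulted anywhere in this hunk, and the explicit `-j3` it replaces is gone; if the variable is unset the build silently runs with no options, and if it comes from the caller's environment the script picks up whatever make arguments happen to be there. If it is meant as a knob, default it near the top of coverity.sh, e.g. `MAKE_OPTS=${MAKE_OPTS:--j3}`, with a comment that it is deliberately left unquoted so it can carry several options. Whether MAKE_OPTS is set earlier in the script is not visible here.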
From: Steffen Jaeckel
Date: Mon, 26 Jun 2017 14:02:52 +0200
Subject: [PATCH 6/9] re-factor size checks in blake2 implementations

---
 src/hashes/blake2b.c | 4 ++--
 src/hashes/blake2s.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/hashes/blake2b.c b/src/hashes/blake2b.c
index 9138d39..6c34319 100644
--- a/src/hashes/blake2b.c
+++ b/src/hashes/blake2b.c
@@ -333,14 +333,14 @@ int blake2b_process(hash_state *md, const unsigned char *in, unsigned long inlen
 LTC_ARGCHK(md != NULL);
 LTC_ARGCHK(in != NULL);
- if (md->blake2b.curlen > sizeof(md->blake2b.buf)) {
+ if (md->blake2b.curlen >= sizeof(md->blake2b.buf)) {
 return CRYPT_INVALID_ARG;
 }
 if (inlen > 0) {
 unsigned long left = md->blake2b.curlen;
 unsigned long fill = BLAKE2B_BLOCKBYTES - left;
- if (inlen > fill) {
+ if (inlen >= fill) {
 md->blake2b.curlen = 0;
 XMEMCPY(md->blake2b.buf + left, in, fill); /* Fill buffer */
 blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
diff --git a/src/hashes/blake2s.c b/src/hashes/blake2s.c
index 9e26324..a3fdc56 100644
--- a/src/hashes/blake2s.c
+++ b/src/hashes/blake2s.c
@@ -321,14 +321,14 @@ int blake2s_process(hash_state *md, const unsigned char *in, unsigned long inlen
 LTC_ARGCHK(md != NULL);
 LTC_ARGCHK(in != NULL);
- if (md->blake2s.curlen > sizeof(md->blake2s.buf)) {
+ if (md->blake2s.curlen >= sizeof(md->blake2s.buf)) {
 return CRYPT_INVALID_ARG;
 }
 if (inlen > 0) {
 unsigned long left = md->blake2s.curlen;
 unsigned long fill = BLAKE2S_BLOCKBYTES - left;
- if (inlen > fill) {
+ if (inlen >= fill) {
 md->blake2s.curlen = 0;
 XMEMCPY(md->blake2s.buf + left, in, fill); /* Fill buffer */
 blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);

From 1a3880fda538b99eb103efdb1bda2d74bb20c29b Mon Sep 17 00:00:00 2001
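Review bot: Changing `if (inlen > fill)` to `if (inlen >= fill)` changes when the last block is compressed: with exactly one block's worth of input the buffer is now compressed inside blake2b_process() and curlen reset to 0, whereas BLAKE2 holds the final block back so the finalizer can compress it with the last-block flag, so inputs whose length is a multiple of BLAKE2B_BLOCKBYTES would presumably no longer match the reference test vectors (the blake2s.c hunk has the same issue). The new `>=` on the curlen bound likewise rejects the legitimate state curlen == sizeof(buf), one full block held back, which the original `>` admits. Patch 7 of this series reverts both; a comment on the kept `>` would stop the next re-factor, e.g. `/* keep one full block buffered: the last block must be compressed by the _done() path with the final flag */`. blake2b_process() starts and ends outside the hunk.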
From: Steffen Jaeckel
Date: Tue, 27 Jun 2017 12:33:40 +0200
Subject: [PATCH 7/9] Revert "re-factor size checks in blake2 implementations"

This reverts commit af38b1830eef6f56586c22e15800a2a3f1d37d47.
---
 src/hashes/blake2b.c | 4 ++--
 src/hashes/blake2s.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/hashes/blake2b.c b/src/hashes/blake2b.c
index 6c34319..9138d39 100644
--- a/src/hashes/blake2b.c
+++ b/src/hashes/blake2b.c
@@ -333,14 +333,14 @@ int blake2b_process(hash_state *md, const unsigned char *in, unsigned long inlen
 LTC_ARGCHK(md != NULL);
 LTC_ARGCHK(in != NULL);
- if (md->blake2b.curlen >= sizeof(md->blake2b.buf)) {
+ if (md->blake2b.curlen > sizeof(md->blake2b.buf)) {
 return CRYPT_INVALID_ARG;
 }
 if (inlen > 0) {
 unsigned long left = md->blake2b.curlen;
 unsigned long fill = BLAKE2B_BLOCKBYTES - left;
- if (inlen >= fill) {
+ if (inlen > fill) {
 md->blake2b.curlen = 0;
 XMEMCPY(md->blake2b.buf + left, in, fill); /* Fill buffer */
 blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
diff --git a/src/hashes/blake2s.c b/src/hashes/blake2s.c
index a3fdc56..9e26324 100644
--- a/src/hashes/blake2s.c
+++ b/src/hashes/blake2s.c
@@ -321,14 +321,14 @@ int blake2s_process(hash_state *md, const unsigned char *in, unsigned long inlen
 LTC_ARGCHK(md != NULL);
 LTC_ARGCHK(in != NULL);
- if (md->blake2s.curlen >= sizeof(md->blake2s.buf)) {
+ if (md->blake2s.curlen > sizeof(md->blake2s.buf)) {
 return CRYPT_INVALID_ARG;
 }
 if (inlen > 0) {
 unsigned long left = md->blake2s.curlen;
 unsigned long fill = BLAKE2S_BLOCKBYTES - left;
- if (inlen >= fill) {
+ if (inlen > fill) {
 md->blake2s.curlen = 0;
 XMEMCPY(md->blake2s.buf + left, in, fill); /* Fill buffer */
 blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);

From f5b8cc9dae1c48b39165226cb47f2ccd1876c625 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Tue, 27 Jun 2017 12:35:39 +0200
Subject: [PATCH 8/9] this should really implement a patch for the illegal access

---
 src/hashes/blake2b.c | 2 +-
 src/hashes/blake2s.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/hashes/blake2b.c b/src/hashes/blake2b.c
index 9138d39..2524286 100644
--- a/src/hashes/blake2b.c
+++ b/src/hashes/blake2b.c
@@ -342,7 +342,7 @@ int blake2b_process(hash_state *md, const unsigned char *in, unsigned long inlen
 unsigned long fill = BLAKE2B_BLOCKBYTES - left;
 if (inlen > fill) {
 md->blake2b.curlen = 0;
- XMEMCPY(md->blake2b.buf + left, in, fill); /* Fill buffer */
+ XMEMCPY(md->blake2b.buf + (left % sizeof(md->blake2b.buf)), in, fill); /* Fill buffer */
 blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
 blake2b_compress(md, md->blake2b.buf); /* Compress */
 in += fill;
diff --git a/src/hashes/blake2s.c b/src/hashes/blake2s.c
index 9e26324..1cbf597 100644
--- a/src/hashes/blake2s.c
+++ b/src/hashes/blake2s.c
@@ -330,7 +330,7 @@ int blake2s_process(hash_state *md, const unsigned char *in, unsigned long inlen
 unsigned long fill = BLAKE2S_BLOCKBYTES - left;
 if (inlen > fill) {
 md->blake2s.curlen = 0;
- XMEMCPY(md->blake2s.buf + left, in, fill); /* Fill buffer */
+ XMEMCPY(md->blake2s.buf + (left % sizeof(md->blake2s.buf)), in, fill); /* Fill buffer */
 blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);
 blake2s_compress(md, md->blake2s.buf); /* Compress */
 in += fill;

From 0a6af8d333a0bc08791094381009ffbb50450bca Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Tue, 27 Jun 2017 19:01:56 +0200
Subject: [PATCH 9/9] rsa_exptmod(): verify that p and q are valid before going the CRT path

---
 src/pk/rsa/rsa_exptmod.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/pk/rsa/rsa_exptmod.c b/src/pk/rsa/rsa_exptmod.c
index e85be44..37f62d1 100644
--- a/src/pk/rsa/rsa_exptmod.c
+++ b/src/pk/rsa/rsa_exptmod.c
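Review bot: The `% sizeof(md->blake2b.buf)` added to the XMEMCPY destination hides why it is needed: it only takes effect when `left == sizeof(md->blake2b.buf)` (one full block held back from the previous call), and in that state `fill` is 0 and the copy is empty, so the modulo merely keeps the pointer inside the array for a zero-length copy (the blake2s.c hunk is the same). An explicit guard says that directly, e.g. `if (fill) { XMEMCPY(md->blake2b.buf + left, in, fill); } /* left == BLAKE2B_BLOCKBYTES: block already buffered, nothing to fill */`, assuming sizeof(buf) equals BLAKE2B_BLOCKBYTES, and spares a reader from wondering whether curlen can exceed the buffer (the `curlen > sizeof(buf)` check seen in the previous patches rejects that). blake2b_process() starts and ends outside the hunk.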
@@ -97,9 +97,11 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
 }
 #endif /* LTC_RSA_BLINDING */
- has_crt_parameters = (key->dP != NULL) && (mp_get_digit_count(key->dP) != 0) &&
- (key->dQ != NULL) && (mp_get_digit_count(key->dQ) != 0) &&
- (key->qP != NULL) && (mp_get_digit_count(key->qP) != 0);
+ has_crt_parameters = (key->p != NULL) && (mp_get_digit_count(key->p) != 0) &&
+ (key->q != NULL) && (mp_get_digit_count(key->q) != 0) &&
+ (key->dP != NULL) && (mp_get_digit_count(key->dP) != 0) &&
+ (key->dQ != NULL) && (mp_get_digit_count(key->dQ) != 0) &&
+ (key->qP != NULL) && (mp_get_digit_count(key->qP) != 0);
 if (!has_crt_parameters) {
 /*
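Review bot: The extended `has_crt_parameters` test only establishes that p, q, dP, dQ and qP are present and non-zero, not that they are consistent with N and e, so a key whose CRT parameters are corrupted or imported from an untrusted source still takes the CRT path and produces a wrong result; for RSA-CRT a single released faulty private-key result is enough to recover the factorization of N (the Bellcore fault attack), which is why implementations verify the CRT output before returning it. The standard defence is to recompute `tmp^e mod N` after the CRT branch and compare it with the input, falling back to the plain `in^d mod N` path or failing on mismatch, and to check `p*q == N` at import time; whether rsa_import() or the key generator already validates that is not visible here. The CRT branch itself and the rest of rsa_exptmod() lie outside the hunk.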