Steffen Jaeckel
7c2ff8ebfe
show ROtate operator configuration in build settings
[skip ci]
2016-01-05 23:55:06 +01:00
Steffen Jaeckel
f5016d88dd
Prevent undefined behavior
Don't call XMEMCPY() in case info (the source parameter to memcpy) is NULL
as this would trigger UB
2015-12-05 14:31:38 +01:00
Steffen Jaeckel
318dbbccc3
fix wrongly used LTC_ARGCHK/LTC_ARGCHKVD macros
2015-12-05 14:31:37 +01:00
Steffen Jaeckel
460b8716c9
fix clang-analyzer warnings
This fixes #80
2015-12-05 14:31:01 +01:00
Steffen Jaeckel
16f397d55c
prevent segfault in case we hit an empty sequence
2015-09-10 19:17:42 +02:00
Steffen Jaeckel
d4945ac521
add (nearly) all defines from tomcrypt_custom.h to crypt_build_settings
... and provide a new make target to check if something is missing
2015-09-08 21:09:49 +02:00
Steffen Jaeckel
733c52aa00
add LTC_RSA_CRT_HARDENING to crypt_build_settings
2015-09-08 21:04:33 +02:00
Steffen Jaeckel
01f1845402
harden RSA CRT by implementing the proposed countermeasure
... from ch. 1.3 of [1]
[1] https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
2015-09-08 02:44:17 +02:00
Steffen Jaeckel
6ec93afa3c
clean-up test-build and extend tomcrypt_custom.h
added LTC_MINIMAL to be able to do a build without nearly any
functionality :)
make sure timing resistant RSA & ECC are enabled if not said otherwise
2015-09-01 17:36:43 +02:00
Steffen Jaeckel
8cb20e6059
add more DES test vectors
2015-08-31 15:09:36 +02:00
Sebastian Verschoor
75b114517a
make sure no cache-based timing attack is possible
Instead of two different buffers, there is just one buffer. Based upon the verification result, a mask is applied to the buffer before it is written to the output buffer.
2015-08-26 00:08:38 +02:00
Steffen Jaeckel
09e4b0ec9b
don't reveal plaintext if authentication failed
Create two buffers of the same size as the input data.
Copy the input data to the first one and work with that version to hold the
decrypted data, zeroize the second one.
Copy depending on the verification result, either the zero-buffer or the
real plaintext to the output buffer.
2015-08-26 00:08:38 +02:00
Steffen Jaeckel
6c11ca771b
fix compile error of tests
2015-08-26 00:08:38 +02:00
Sebastian Verschoor
25af184cd5
Quickfix for issue #73
The API of the function is changed (for decryption, tag is now an input
parameter). With the old API it is impossible to conform to the NIST
specification and a timing side-channel leak is inevitable.
2015-08-26 00:08:38 +02:00
Steffen Jaeckel
f9c8c9c229
also test XTS accelerators
2015-08-26 00:05:07 +02:00
Steffen Jaeckel
181d2f2df7
auto-format xts code
2015-08-26 00:02:50 +02:00
Steffen Jaeckel
b25d04ed94
fix pointer check
2015-08-25 23:58:22 +02:00
Jerome Forissier
5c3f177b34
Add function pointers for accelerated XTS to ltc_cipher_descriptor
Similar to what already exists for other modes.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
2015-08-25 23:58:22 +02:00
Steffen Jaeckel
a13257094e
handle LTC_NO_FAST before handling LTC_FAST
2015-08-23 22:59:15 +02:00
Steffen Jaeckel
ee03c97cde
add crc32
2015-08-23 22:59:14 +02:00
Steffen Jaeckel
9585faca2b
re-work debug output of some tests
2015-08-23 22:59:14 +02:00
Steffen Jaeckel
1987a2f975
add adler32 checksum algorithm
2015-08-23 22:59:14 +02:00
Pascal Brand
3605983f09
Introduce ECC raw algorithms for sign and verify
As it is performed on dsa, raw sign and verify on ECC
are introduced.
Signed-off-by: Pascal Brand <pascal.brand@st.com>
2015-08-21 22:14:03 +02:00
Sebastian Verschoor
67973b04ae
fix #74
2015-08-21 21:29:56 +02:00
Steffen Jaeckel
c28cc9e3e9
crypt_build_settings: remove build date and time
2015-05-07 10:32:12 +02:00
Karel Miko
aeaa6d4a51
cygwin related fix - variable name B0 changed to B_0 (part 2)
2015-04-17 08:59:35 +02:00
Karel Miko
6a257e15cd
cygwin related fix - variable name B0 changed to B_0 as it caused collision when compiling libtomcrypt as a perl module (for some reason only on cygwin)
2015-04-17 08:56:42 +02:00
Karel Miko
a8e91afb16
cygwin/64bit related fix - added !defined(__x86_64__)
2015-04-17 08:50:38 +02:00
Uli Köhler
d24e9cd32d
Fix config file reference
2015-03-27 21:41:51 +01:00
Pascal Brand
f20b5daf39
Use XMEM_NEQ instead of mem_neq
mem_neq is no longer used directly. XMEM_NEQ is used instead,
in the same way XMEMCMP, XMEMCPY, ... are.
Signed-off-by: Pascal Brand <pascal.brand@st.com>
2015-02-27 08:54:30 +01:00
Steffen Jaeckel
dfa938a4f6
verify outcome when defining LTC_NOTHING
check that LTC_NOTHING really creates nothing but the library's basic
API functions
2015-02-15 17:25:45 +01:00
Steffen Jaeckel
90e968a202
der_decode_subject_public_key_info: fix compile error
also make it possible to define min/max RSA key sizes externally
This closes #59
2015-02-15 16:32:12 +01:00
Saleem Abdulrasool
62878de0c5
adjust inline asm requiring constants
In order to ensure that the shift is within range, convert the inline assembly
routines into macros with compound statements.
2015-01-20 22:36:07 +01:00
Steffen Jaeckel
0b6915740c
saferp: enclose macros in do{}while(0) loop
2015-01-20 22:36:07 +01:00
Steffen Jaeckel
9782c09a3a
use XMEM{CMP, CPY, SET} macros instead of standard versions
2015-01-20 22:36:06 +01:00
Steffen Jaeckel
1e9e98aa0d
make pkcs#1 decode functions constant-time
As proposed in RFC 3447, only one error return code is used when there are
errors while decoding the pkcs#1 format.
Also, all steps are executed and only the "output" is skipped if something
went wrong.
Sorry, this could break backwards compatibility, since there's no more
BUFFER_OVERFLOW messaging.
Former error-handling code could also be affected because now there's only
OK as return code in cases where "res" is also set to '1'.
2014-11-13 22:26:59 +01:00
Steffen Jaeckel
e57c92fd23
replace calls to standard memcmp with constant memcmp where necessary
2014-11-13 22:09:45 +01:00
Steffen Jaeckel
26c5d54e5c
add constant-time memcmp()
[skip ci]
2014-11-12 23:59:27 +01:00
Steffen Jaeckel
f2f8342c43
ccm test: add missing AAD
2014-11-02 17:01:56 +01:00
Steffen Jaeckel
943a858d6c
also run testvectors on new CCM API
[skip ci]
2014-10-31 19:41:14 +01:00
Steffen Jaeckel
4efa27ead1
add missing pointer checks
2014-10-31 19:39:03 +01:00
Steffen Jaeckel
53917750d8
trim trailing spaces
2014-10-31 19:38:47 +01:00
Pascal Brand
992506cb49
Add incremental CCM authentication processing
CCM is only meant for packet mode where the length of the input is known in
advance. Since it is a packet mode function, CCM only had one function that
performs the protocol.
However, incremental authentication is useful in some use cases. It also
ensures some kind of coherency when processing with a given authentication
mode or another. To achieve this aim, this commit adds the following functions:
ccm_init()
ccm_add_aad()
ccm_add_nonce()
ccm_process()
ccm_done()
ccm_reset()
as well as the data structure
ccm_state
Change-Id: I5225a42bb098708c4af07518b561bb00f85bc243
2014-10-17 09:00:19 +02:00
Steffen Jaeckel
ed28703804
der_decode_sequence_multi: calm coverity
2014-10-10 01:07:58 +02:00
Steffen Jaeckel
ee1631f8b3
dsa import: no output on stderr please
2014-10-06 19:00:50 +02:00
Steffen Jaeckel
6bd6319fb0
der flexi decoder: implement decoding of context-specific data
2014-10-06 18:57:42 +02:00
Steffen Jaeckel
2d8933e4f1
der: add new enum element for context-specific encodings
2014-10-06 18:57:42 +02:00
Steffen Jaeckel
f0a1235614
der flexi decoder: remove duplicate code
2014-10-06 18:57:41 +02:00
Steffen Jaeckel
3d1231ab15
der flexi decoder: improve CONSTRUCTED type decoding
remove all the flags
save the entire original identifier
2014-10-06 17:51:25 +02:00
Steffen Jaeckel
c1e81ad469
minor changes
print MP_DIGIT_BIT when running test
der_test: improve error output of 'short integer' test
2014-09-30 13:26:18 +02:00