Merge pull request #751 from libtom/more-fixes-and-improvements

More fixes and improvements

Author: sjaeckel

.ci/build_options.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+if [ "$#" != "5" ]; then
+    echo "Usage is: ${0} \"build_options\" \"<prepend CFLAGS>\" \"<makefile>\" \"<append CFLAGS>\" <math library to link to>"
+    echo "CC=gcc ${0} \"build_options\" \" \" \"makefile\" \"-DUSE_LTM -DLTM_DESC -I../libtommath\" ../libtommath/libtommath.a"
+    exit -1
+fi
+
+# output version
+bash .ci/printinfo.sh
+
+set -e
+
+options=(
+-DLTC_EASY
+-DLTC_FORTUNA_RESEED_RATELIMIT_STATIC
+-DLTC_FORTUNA_USE_ENCRYPT_ONLY
+-DLTC_MECC_FP
+-DLTC_NO_TABLES
+-DLTC_NO_FAST
+-DLTC_NO_ASM
+-DLTC_NO_DEPRECATED_APIS
+-DLTC_NO_ECC_TIMING_RESISTANT
+-DLTC_NO_RSA_BLINDING
+-DLTC_PTHREAD
+-DLTC_SMALL_CODE
+-DLTC_SMALL_STACK
+)
+
+make clean V=0
+make pre_gen
+for opt in ${options[@]}; do
+  echo "Build: $opt"
+  CFLAGS="$2 $CFLAGS $4 $opt" EXTRALIBS="$5" make -j$(nproc) -f $3 AMALGAM=1 all 1>>gcc_1.txt 2>>gcc_2.txt
+  ./small
+  make clean V=0
+done
+
+# we don't want LTC_EASY when running the tests now
+unset 'options[0]'
+
+echo "All: ${options[@]}"
+CFLAGS="$2 $CFLAGS $4 ${options[@]}" EXTRALIBS="$5" make -j$(nproc) -f $3 AMALGAM=1 all 1>>gcc_1.txt 2>>gcc_2.txt
+./test >test_std.txt 2>test_err.txt
+
+exit 0

.ci/coverage_more.sh

@@ -32,5 +32,17 @@ else
   echo "hashsum okay"
 fi
 
+pdiv "aesgcm"
+./hashsum -a sha256 aesgcm > aesgcm.sha256sum
+./aesgcm -e aesgcm aesgcm.enc0 "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF"
+./aesgcm -d aesgcm.enc0 aesgcm.dec0 "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF"
+./aesgcm -e aesgcm aesgcm.enc1 "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF00112233445566778899AABB"
+./aesgcm -d aesgcm.enc1 aesgcm.dec1 "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF00112233445566778899AABB"
+for i in {0..1}; do
+  rm aesgcm
+  mv aesgcm.dec${i} aesgcm
+  ./hashsum -c aesgcm.sha256sum
+done
+chmod +x aesgcm
 
 exit 0

.github/workflows/main.yml

@@ -45,20 +45,8 @@ jobs:
           - { BUILDNAME: 'META_BUILDS',             BUILDOPTIONS: '-DGMP_DESC',                                                           BUILDSCRIPT: '.ci/meta_builds.sh' }
           - { BUILDNAME: 'VALGRIND',                BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/valgrind.sh' }
           - { BUILDNAME: 'STOCK',                   BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/run.sh' }
+          - { BUILDNAME: 'BUILD_OPTIONS',           BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/build_options.sh' }
           - { BUILDNAME: 'STOCK-MPI',               BUILDOPTIONS: '-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM',                            BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'EASY',                    BUILDOPTIONS: '-DLTC_EASY',                                                           BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'SMALL_CODE',              BUILDOPTIONS: '-DLTC_SMALL_CODE',                                                     BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'SMALL_STACK',             BUILDOPTIONS: '-DLTC_SMALL_STACK',                                                    BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'SMALL',                   BUILDOPTIONS: '-DLTC_SMALL_CODE -DLTC_SMALL_STACK',                                   BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'NO_TABLES',               BUILDOPTIONS: '-DLTC_NO_TABLES',                                                      BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'NO_FAST',                 BUILDOPTIONS: '-DLTC_NO_FAST',                                                        BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'NO_FAST+SMALL+NO_TABLES', BUILDOPTIONS: '-DLTC_NO_FAST -DLTC_SMALL_CODE -DLTC_SMALL_STACK -DLTC_NO_TABLES',     BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'NO_ASM',                  BUILDOPTIONS: '-DLTC_NO_ASM',                                                         BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'NO_DEPRECATED_APIS',      BUILDOPTIONS: '-DLTC_NO_DEPRECATED_APIS',                                             BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'NO_TIMING_RESISTANCE',    BUILDOPTIONS: '-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING',                  BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'FORTUNA_CUSTOM_OPTIONS',  BUILDOPTIONS: '-DLTC_FORTUNA_USE_ENCRYPT_ONLY -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC', BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'ECC_FP',                  BUILDOPTIONS: '-DLTC_MECC_FP',                                                        BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'ECC_FP+PTHREAD',          BUILDOPTIONS: '-DLTC_MECC_FP -DLTC_PTHREAD',                                          BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'STOCK+ARGTYPE=1',         BUILDOPTIONS: '-DARGTYPE=1',                                                          BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'STOCK+ARGTYPE=2',         BUILDOPTIONS: '-DARGTYPE=2',                                                          BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'STOCK+ARGTYPE=3',         BUILDOPTIONS: '-DARGTYPE=3',                                                          BUILDSCRIPT: '.ci/run.sh' }

demos/constants.c

@@ -2,11 +2,8 @@
 /* SPDX-License-Identifier: Unlicense */
 #include "tomcrypt.h"
 
-#if defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L
-#include <libgen.h>
-#else
-#define basename(x) x
-#endif
+#include <string.h>
+#define basename(path) ( strrchr((path), '/') ? strrchr((path), '/') + 1 : strrchr((path), '\\') ? strrchr((path), '\\') + 1 : (path) )
 
 /**
   @file demo_crypt_constants.c

demos/hashsum.c

@@ -12,11 +12,8 @@
 
 #include <tomcrypt.h>
 
-#if defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L
-#include <libgen.h>
-#else
-#define basename(x) x
-#endif
+#include <string.h>
+#define basename(path) ( strrchr((path), '/') ? strrchr((path), '/') + 1 : strrchr((path), '\\') ? strrchr((path), '\\') + 1 : (path) )
 
 #if !defined(PATH_MAX) && defined(_MSC_VER)
 #include <windows.h>

demos/sizes.c

@@ -3,11 +3,9 @@
 
 #include "tomcrypt.h"
 
-#if defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L
-#include <libgen.h>
-#else
-#define basename(x) x
-#endif
+#include <string.h>
+#define basename(path) ( strrchr((path), '/') ? strrchr((path), '/') + 1 : strrchr((path), '\\') ? strrchr((path), '\\') + 1 : (path) )
+
 /**
   @file demo_crypt_sizes.c
 

demos/timing.c

@@ -8,7 +8,9 @@
    #define PRI64  "ll"
 #endif
 
-static prng_state yarrow_prng;
+static prng_state timing_prng;
+static const char *timing_prng_name;
+static int timing_prng_id;
 
 /* timing */
 #define KTIMES  25
@@ -166,7 +168,7 @@ static void time_keysched(void)
     kl   = cipher_descriptor[x].min_key_length;
     c1 = (ulong64)-1;
     for (y1 = 0; y1 < KTIMES; y1++) {
-       yarrow_read(key, kl, &yarrow_prng);
+       prng_descriptor[timing_prng_id].read(key, kl, &timing_prng);
        t_start();
        DO1(key);
        t1 = t_read();
@@ -692,11 +694,11 @@ static const struct {
        for (y = 0; y < 4; y++) {
            t_start();
            t1 = t_read();
-           if ((err = dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) {
+           if ((err = dsa_generate_pqg(&timing_prng, timing_prng_id, groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\ndsa_generate_pqg says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
-           if ((err = dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) {
+           if ((err = dsa_generate_key(&timing_prng, timing_prng_id, &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\ndsa_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
@@ -734,8 +736,8 @@ static void time_rsa(void)
    ltc_rsa_op_parameters rsa_params = {
       .u.crypt.lparam = (const unsigned char *)"testprog",
       .u.crypt.lparamlen = 8,
-      .prng = &yarrow_prng,
-      .wprng = find_prng("yarrow"),
+      .prng = &timing_prng,
+      .wprng = timing_prng_id,
       .params.hash_idx = find_hash("sha1"),
       .params.mgf1_hash_idx = find_hash("sha1"),
       .params.saltlen = 8,
@@ -749,7 +751,7 @@ static void time_rsa(void)
        for (y = 0; y < 4; y++) {
            t_start();
            t1 = t_read();
-           if ((err = rsa_make_key(&yarrow_prng, find_prng("yarrow"), x/8, 65537, &key)) != CRYPT_OK) {
+           if ((err = rsa_make_key(&timing_prng, timing_prng_id, x/8, 65537, &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\nrsa_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
@@ -882,7 +884,7 @@ static void time_dh(void)
 
            t_start();
            t1 = t_read();
-           if ((err = dh_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) {
+           if ((err = dh_generate_key(&timing_prng, timing_prng_id, &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\ndh_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
@@ -907,7 +909,7 @@ static void time_ecc(void)
    ulong64 t1, t2;
    unsigned char buf[2][256] = { 0 };
    unsigned long i, w, x, y, z;
-   int           err, stat;
+   int           err, stat, hashidx;
    const unsigned long sizes[] = {
 #ifdef LTC_ECC_SECP112R1
 112/8,
@@ -934,29 +936,48 @@ static void time_ecc(void)
 521/8,
 #endif
 100000};
+   prng_state ecc_prng;
    ltc_ecc_sig_opts sig_opts = {
                                 .type = LTC_ECCSIG_RFC7518,
-                                .prng = &yarrow_prng,
-                                .wprng = find_prng ("yarrow")
+                                .prng = &ecc_prng,
+                                .wprng = timing_prng_id
    };
+   const unsigned char prng_entropy[] = {
+                                          0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
+                                          0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
+                                          0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e,
+                                          0x1f, 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+                                          0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
+                                          0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
+                                          0x1d, 0x1e, 0x1f, 0x20
+   };
+   if ((err = prng_descriptor[timing_prng_id].pimport(prng_entropy, sizeof(prng_entropy), &ecc_prng)) != CRYPT_OK) {
+      fprintf(stderr, "\n\nprng.import() says %s!\n", error_to_string(err));
+      exit(EXIT_FAILURE);
+   }
+   if ((err = prng_descriptor[timing_prng_id].ready(&ecc_prng)) != CRYPT_OK) {
+      fprintf(stderr, "\n\nprng.ready() says %s!\n", error_to_string(err));
+      exit(EXIT_FAILURE);
+   }
 
    if (ltc_mp.name == NULL) return;
+   hashidx = find_hash("sha1");
 
    for (x = sizes[i=0]; x < 100000; x = sizes[++i]) {
        t2 = 0;
        for (y = 0; y < 256; y++) {
            t_start();
            t1 = t_read();
-           if ((err = ecc_make_key(&yarrow_prng, find_prng("yarrow"), x, &key)) != CRYPT_OK) {
+           if ((err = ecc_make_key(sig_opts.prng, sig_opts.wprng, x, &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\necc_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
            t1 = t_read() - t1;
            t2 += t1;
 
 #ifdef LTC_PROFILE
-       t2 <<= 8;
-       break;
+           t2 <<= 8;
+           break;
 #endif
 
            if (y < 255) {
@@ -971,21 +992,22 @@ static void time_ecc(void)
            t_start();
            t1 = t_read();
            z = sizeof(buf[1]);
-           if ((err = ecc_encrypt_key(buf[0], 20, buf[1], &z, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"),
+           if ((err = ecc_encrypt_key(buf[0], 20, buf[1], &z, sig_opts.prng, sig_opts.wprng, hashidx,
                                       &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\necc_encrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
            t1 = t_read() - t1;
            t2 += t1;
 #ifdef LTC_PROFILE
-       t2 <<= 8;
-       break;
+           t2 <<= 8;
+           break;
 #endif
        }
        t2 >>= 8;
        fprintf(stderr, "ECC-%lu encrypt_key took %15"PRI64"u cycles\n", x*8, t2);
 
+
        t2 = 0;
        for (y = 0; y < 256; y++) {
            t_start();
@@ -998,8 +1020,8 @@ static void time_ecc(void)
            t1 = t_read() - t1;
            t2 += t1;
 #ifdef LTC_PROFILE
-       t2 <<= 8;
-       break;
+           t2 <<= 8;
+           break;
 #endif
        }
        t2 >>= 8;
@@ -1017,8 +1039,8 @@ static void time_ecc(void)
            t1 = t_read() - t1;
            t2 += t1;
 #ifdef LTC_PROFILE
-       t2 <<= 8;
-       break;
+           t2 <<= 8;
+           break;
 #endif
         }
         t2 >>= 8;
@@ -1039,8 +1061,8 @@ static void time_ecc(void)
           t1 = t_read() - t1;
           t2 += t1;
 #ifdef LTC_PROFILE
-       t2 <<= 8;
-       break;
+          t2 <<= 8;
+          break;
 #endif
         }
         t2 >>= 8;
@@ -1245,8 +1267,8 @@ static void time_macs_(unsigned long MAC_SIZE)
       exit(EXIT_FAILURE);
    }
 
-   yarrow_read(ctx.buf, ctx.size, &yarrow_prng);
-   yarrow_read(ctx.key, 16, &yarrow_prng);
+   prng_descriptor[timing_prng_id].read(ctx.buf, ctx.size, &timing_prng);
+   prng_descriptor[timing_prng_id].read(ctx.key, sizeof(ctx.key), &timing_prng);
 
    for (n = 0; n < LTC_ARRAY_SIZE(time_funs); ++n) {
       if (!should_skip(time_funs[n].name))
@@ -1498,9 +1520,9 @@ static void time_eacs_(unsigned long MAC_SIZE)
 
    ctx.cipher_idx = find_cipher("aes");
 
-   yarrow_read(ctx.buf, ctx.size, &yarrow_prng);
-   yarrow_read(ctx.key, sizeof(ctx.key), &yarrow_prng);
-   yarrow_read(ctx.IV, sizeof(ctx.IV), &yarrow_prng);
+   prng_descriptor[timing_prng_id].read(ctx.buf, ctx.size, &timing_prng);
+   prng_descriptor[timing_prng_id].read(ctx.key, sizeof(ctx.key), &timing_prng);
+   prng_descriptor[timing_prng_id].read(ctx.IV, sizeof(ctx.IV), &timing_prng);
 
    for (n = 0; n < LTC_ARRAY_SIZE(time_funs); ++n) {
       if (!should_skip(time_funs[n].name))
@@ -1605,8 +1627,12 @@ register_all_prngs();
    } else if (argc > 3){
       filter_arg = argv[3];
    }
-
-if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) {
+if (find_prng("sober128") != -1)
+   timing_prng_name = "sober128";
+else
+   timing_prng_name = "yarrow";
+timing_prng_id = find_prng(timing_prng_name);
+if ((err = rng_make_prng(128, timing_prng_id, &timing_prng, NULL)) != CRYPT_OK) {
    fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err));
    exit(EXIT_FAILURE);
 }

doc/makefile

@@ -59,5 +59,5 @@ termdoc: docdvi
 	dvi2tty crypt.dvi -w120
 
 clean:
-	rm -f $(LEFTOVERS)
-	rm -rf doxygen/
+	${silent} rm -f $(LEFTOVERS)
+	${silent} rm -rf doxygen/

helper.pl

@@ -71,6 +71,7 @@ sub check_source {
         my $n = $1;
         push @{$troubles->{invalid_macro_name}}, "$lineno($n)"
                 unless ($file eq 'src/headers/tomcrypt_cfg.h' &&  $n eq '__has_builtin') ||
+                       ($file eq 'src/headers/tomcrypt_cfg.h' &&  $n eq '__has_attribute') ||
                        ($file eq 'src/headers/tomcrypt_cfg.h' &&  $n eq '_WIN32_WINNT') ||
                        ($file eq 'src/prngs/rng_get_bytes.c' &&  $n eq '_WIN32_WINNT');
       }

makefile

@@ -156,6 +156,10 @@ pre_gen/tomcrypt_amalgam.c: $(TAB_SOURCES) $(SOURCES)
 	printf "#define LTC_WHIRLTAB_C\n\n" >> $@
 	printf "#include \"tomcrypt_private.h\"\n\n" >> $@
 	cat $^ >> $@
+	printf "#define ENCRYPT_ONLY\n\n" >> $@
+	cat src/ciphers/aes/aes.c >> $@
+	cat src/ciphers/aes/aes_desc.c >> $@
+	printf "#undef ENCRYPT_ONLY\n\n" >> $@
 
 pre_gen: pre_gen/tomcrypt_amalgam.c