update libtomcrypt Karel Miko 3 years ago
11 changed file(s) with 49 addition(s) and 30 deletion(s). Raw diff Collapse all Expand all
11
22 0.072 2021-XX-XX
33 - fix #69 Identifier Octet's Leniency in RSA PKCS#1 Signature Verification
4 - bundled libtomcrypt update branch:develop (commit:ddf1b63a 2021-04-10)
4 - bundled libtomcrypt update branch:develop (commit:165c795b 2021-04-14)
55
66 0.071 2021-03-30
77 - fix #67 (better handling of PEM decoding failures)
2424 if ((15 - ccm->noncelen) > ccm->L) {
2525 ccm->L = 15 - ccm->noncelen;
2626 }
27 if (ccm->L > 8) {
28 return CRYPT_INVALID_ARG;
29 }
2730
2831 /* decrease noncelen to match L */
2932 if ((ccm->noncelen + ccm->L) > 15) {
3740 (ccm->L-1));
3841
3942 /* nonce */
40 for (y = 0; y < (16 - (ccm->L + 1)); y++) {
43 for (y = 0; y < 15 - ccm->L; y++) {
4144 ccm->PAD[x++] = nonce[y];
4245 }
4346
3434 }
3535
3636 /* make sure the taglen is valid */
37 if (taglen < 4 || taglen > 16 || (taglen % 2) == 1) {
37 if (taglen < 4 || taglen > 16 || (taglen % 2) == 1 || aadlen < 0 || ptlen < 0) {
3838 return CRYPT_INVALID_ARG;
3939 }
4040 ccm->taglen = taglen;
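Review bot: The comment `/* make sure the taglen is valid */` above new line 37 no longer describes the condition, which now also rejects negative aadlen and ptlen. I would split the length checks into their own statement with their own comment, `/* aadlen/ptlen are signed; reject negative lengths before they are treated as sizes (TODO confirm the downstream use) */` followed by `if (aadlen < 0 || ptlen < 0) { return CRYPT_INVALID_ARG; }`, and leave the taglen test as it was. The function continues outside the hunk on both sides.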
7474 }
7575
7676 /* make sure the taglen is valid */
77 if (*taglen < 4 || *taglen > 16 || (*taglen % 2) == 1) {
77 if (*taglen < 4 || *taglen > 16 || (*taglen % 2) == 1 || headerlen > 0x7fffffffu) {
7878 return CRYPT_INVALID_ARG;
7979 }
8080
107107 if ((15 - noncelen) > L) {
108108 L = 15 - noncelen;
109109 }
110 if (L > 8) {
111 return CRYPT_INVALID_ARG;
112 }
110113
111114 /* allocate mem for the symmetric key */
112115 if (uskey == NULL) {
140143 (L-1));
141144
142145 /* nonce */
143 for (y = 0; y < (16 - (L + 1)); y++) {
146 for (y = 0; y < 15 - L; y++) {
144147 PAD[x++] = nonce[y];
145148 }
146149
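Review bot: In the first hunk of this file (new line 77) the bound `headerlen > 0x7fffffffu` is a bare magic number appended to a condition whose comment still says it only validates taglen; presumably it keeps headerlen within the range of a signed int used further down, but nothing in the hunk says so. I would move it to its own statement using `INT_MAX` (if `<limits.h>` is already reachable here) or a named constant, with a comment such as `/* headerlen is later handled as a signed int length; keep it <= INT_MAX -- confirm */`. The `L > 8` guard in the second hunk (new lines 110–112) sits before the key allocation, so no cleanup is needed on that path, but it deserves the same bounds comment as the equivalent check in ccm_add_nonce. The enclosing function starts and ends outside these hunks.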
104104 #define ENDIAN_64BITWORD
105105 #if defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__)
106106 #define ENDIAN_BIG
107 #endif
107 #else
108108 #define ENDIAN_LITTLE
109109 #endif
110110 #endif
181181 defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ || \
182182 defined(__BIG_ENDIAN__) || \
183183 defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
184 defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__)
184 defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) || \
185 defined(__m68k__)
185186 #define ENDIAN_BIG
186187 #elif defined(_BYTE_ORDER) && _BYTE_ORDER == _LITTLE_ENDIAN || \
187188 defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \
285286
286287 #if !defined(LTC_NO_ROTATE) && (__has_builtin(__builtin_rotateleft32) && __has_builtin(__builtin_rotateright32))
287288 #define LTC_HAVE_ROTATE_BUILTIN
289 #endif
290
291 #if defined(__GNUC__)
292 #define LTC_ALIGN(n) __attribute__((aligned(n)))
293 #else
294 #define LTC_ALIGN(n)
288295 #endif
289296
290297 #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)
302309 # define LTC_DEPRECATED(s)
303310 # define LTC_DEPRECATED_PRAGMA(s)
304311 #endif
312
313 #endif /* TOMCRYPT_CFG_H */
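Review bot: `LTC_ALIGN(n)` (new lines 291–294) silently expands to nothing on any compiler that does not define `__GNUC__`, so the alignment now requested through it by the SSE2 GCM table and the CTR pad in tomcrypt_cipher.h on this page is simply not applied there; if any consumer requires that alignment rather than merely benefiting from it, this is a silent correctness hazard on such compilers. At minimum the empty branch should say so: `#define LTC_ALIGN(n) /* no-op on non-GCC compilers: callers must not rely on the alignment */`. Note that MSVC's `__declspec(align(n))` and C11 `_Alignas` must precede the declarator, so they cannot be substituted into this trailing-position macro without changing the use sites. The added `#endif /* TOMCRYPT_CFG_H */` closes a guard whose opening is outside the visible hunks.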
317317 ctrlen;
318318
319319 /** The counter */
320 unsigned char ctr[MAXBLOCKSIZE],
320 unsigned char ctr[MAXBLOCKSIZE];
321321 /** The pad used to encrypt/decrypt */
322 pad[MAXBLOCKSIZE];
322 unsigned char pad[MAXBLOCKSIZE] LTC_ALIGN(16);
323323 /** The scheduled key */
324324 symmetric_key key;
325325 } symmetric_CTR;
394394 typedef struct {
395395 symmetric_key K;
396396 int cipher, /* which cipher */
397 taglen, /* length of the tag */
397 taglen, /* length of the tag (encoded in M value) */
398398 x; /* index in PAD */
399399
400400 unsigned long L, /* L value */
404404 current_aadlen, /* length of the currently provided add */
405405 noncelen; /* length of the nonce */
406406
407 unsigned char PAD[16],
407 unsigned char PAD[16], /* flags | Nonce N | l(m) */
408408 ctr[16],
409409 CTRPAD[16],
410410 CTRlen;
481481 #ifdef LTC_GCM_TABLES
482482 unsigned char PC[16][256][16] /* 16 tables of 8x128 */
483483 #ifdef LTC_GCM_TABLES_SSE2
484 __attribute__ ((aligned (16)))
484 LTC_ALIGN(16)
485485 #endif
486486 ;
487487 #endif
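Review bot: In symmetric_CTR (new line 322) `pad` is now 16-byte aligned while the neighbouring `ctr` buffer is not, and nothing says why one and not the other, so a reader cannot tell whether this is a performance hint or a requirement of some cipher backend. I would annotate it: `/* 16-byte aligned for vectorised cipher backends -- TODO confirm which code path relies on this */`. Splitting `ctr` onto its own declaration is an improvement in itself; be aware that the alignment can change `sizeof(symmetric_CTR)`, which presumably matters only if something outside the library allocates these states with a fixed size.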
383383
384384 #ifdef LTC_MDSA
385385
386 /* Max diff between group and modulus size in bytes */
387 #define LTC_MDSA_DELTA 512
388
389 /* Max DSA group size in bytes (default allows 4k-bit groups) */
390 #define LTC_MDSA_MAX_GROUP 512
386 /* Max diff between group and modulus size in bytes (max case: L=8192bits, N=256bits) */
387 #define LTC_MDSA_DELTA 992
388
389 /* Max DSA group size in bytes */
390 #define LTC_MDSA_MAX_GROUP 64
391
392 /* Max DSA modulus size in bytes (the actual DSA size, max 8192 bits) */
393 #define LTC_MDSA_MAX_MODULUS 1024
391394
392395 /** DSA key structure */
393396 typedef struct {
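Review bot: Lowering LTC_MDSA_MAX_GROUP from 512 to 64 bytes (new line 390) tightens the accepted DSA group size from under 512 bytes to at most 64, and the dsa_generate_pqg size check on this page changes accordingly, so parameter sets with q larger than 512 bits that were previously accepted now fail with CRYPT_INVALID_ARG; if the same limit is applied on key import (not visible here) this is user-visible for the Perl module and should be mentioned in the Changes entry, which currently lists only #69 and the bundled update. The comment on the constant could state the rationale: `/* Max DSA group size in bytes: 512-bit q, well above the 256-bit N of FIPS 186-4 */`. The DELTA figure of 992 is consistent with LTC_MDSA_MAX_MODULUS below (1024 bytes minus the 32-byte N in its comment).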
6363 }
6464 #if defined(LTC_TEST) && defined(LTC_TEST_DBG)
6565 if (res != 0) {
66 fprintf(stderr, "Testvector #%i of %s failed:\n", which, what);
66 fprintf(stderr, "Testvector #%i(0x%x) of %s failed:\n", which, which, what);
6767 s_print_hex("SHOULD", should, should_len);
6868 s_print_hex("IS ", is, is_len);
6969 #if LTC_TEST_DBG > 1
7070 } else {
71 fprintf(stderr, "Testvector #%i of %s passed!\n", which, what);
71 fprintf(stderr, "Testvector #%i(0x%x) of %s passed!\n", which, which, what);
7272 #endif
7373 }
7474 #else
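Review bot: `%x` at new lines 66 and 71 is given `which`, which the same line prints with `%i` and so is a signed int; `%x` expects an unsigned int, and passing a signed value is only well-defined while it is non-negative. Cast it explicitly: `fprintf(stderr, "Testvector #%i(0x%x) of %s failed:\n", which, (unsigned)which, what);` and likewise on the passed line. This is debug output under LTC_TEST_DBG, so the impact is limited to diagnostics.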
101101 {"LTC_MDSA", 1},
102102 C_STRINGIFY(LTC_MDSA_DELTA),
103103 C_STRINGIFY(LTC_MDSA_MAX_GROUP),
104 C_STRINGIFY(LTC_MDSA_MAX_MODULUS),
104105 #else
105106 {"LTC_MDSA", 0},
106107 #endif
2525 int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash;
2626 unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE];
2727 void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc;
28 const char *accepted_hashes[] = { "sha3-512", "sha512", "sha3-384", "sha384", "sha3-256", "sha256" };
2829
2930 /* check size */
30 if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) {
31 if (group_size > LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size || modulus_size > LTC_MDSA_MAX_MODULUS) {
3132 return CRYPT_INVALID_ARG;
3233 }
3334
8687 else { mr_tests_q = 64; }
8788 #endif
8889
89 if (N <= 256) {
90 hash = register_hash(&sha256_desc);
91 }
92 else if (N <= 384) {
93 hash = register_hash(&sha384_desc);
94 }
95 else if (N <= 512) {
96 hash = register_hash(&sha512_desc);
97 }
98 else {
90 hash = -1;
91 for (i = 0; i < sizeof(accepted_hashes)/sizeof(accepted_hashes[0]); ++i) {
92 hash = find_hash(accepted_hashes[i]);
93 if (hash != -1) break;
94 }
95 if (hash == -1) {
96 return CRYPT_INVALID_ARG; /* no appropriate hash function found */
97 }
98 if (N > hash_descriptor[hash].hashsize * 8) {
9999 return CRYPT_INVALID_ARG; /* group_size too big */
100100 }
101101
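Review bot: The hash used for P/Q generation (new lines 90–94) is now whichever entry of accepted_hashes is registered first, independent of N, so the same (group_size, modulus_size, seed) can yield different q/p depending on which hashes the application has registered, whereas the removed N-based selection was deterministic. If that is intended it deserves a comment on the loop, e.g. `/* pick the strongest registered hash; results are reproducible only for a fixed set of registered hashes */`. Also, `i` does not appear among the declarations at lines 25–28 and is compared against a size_t expression; unless it is declared above the hunk it should be `size_t i` to avoid a signed/unsigned comparison. The `CRYPT_INVALID_ARG` returned when no hash is registered is arguably a hash-availability error rather than an argument error, so a more specific code might be preferable if one exists. The function continues outside the hunk.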