Merge pull request #504 from libtom/minor-fixes

Minor fixes and improvements

Author: sjaeckel

.ci/meta_builds.sh

@@ -34,7 +34,7 @@ function run_gcc() {
 
    ASAN_OPTIONS=verbosity=1 ./test t ltm 1>test_std.txt 2> test_err.txt || exit 1
 
-   if echo $2 | grep -q GMP ; then
+   if echo $* | grep -q GMP ; then
       echo
       echo "Run ASAN tests with GMP..."
 
@@ -68,7 +68,7 @@ function run_clang() {
    echo "Run UBSAN tests with LTM..."
    UBSAN_OPTIONS=verbosity=1 ./test t ltm 1>test_std.txt 2> test_err.txt || exit 1
 
-   if echo $2 | grep -q GMP ; then
+   if echo $* | grep -q GMP ; then
       echo
       echo "Run UBSAN tests with GMP..."
 

.travis.yml

@@ -30,97 +30,97 @@ script:
     bash "${BUILDSCRIPT}" "${BUILDNAME}" "-DUSE_TFM -DTFM_DESC" "makefile.shared V=1" "${BUILDOPTIONS}" "-ltfm"
 env:
   - |
-    BUILDSCRIPT=".ci/meta_builds.sh"
     BUILDNAME="META_BUILDS"
     BUILDOPTIONS="-DGMP_DESC"
+    BUILDSCRIPT=".ci/meta_builds.sh"
   - |
-    BUILDSCRIPT=".ci/valgrind.sh"
     BUILDNAME="VALGRIND"
     BUILDOPTIONS=" "
+    BUILDSCRIPT=".ci/valgrind.sh"
   - |
-    BUILDSCRIPT=".ci/run.sh"
     BUILDNAME="STOCK"
     BUILDOPTIONS=" "
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK-MPI"
     BUILDOPTIONS="-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="EASY"
     BUILDOPTIONS="-DLTC_EASY"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="SMALL"
     BUILDOPTIONS="-DLTC_SMALL_CODE"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NOTABLES"
     BUILDOPTIONS="-DLTC_NO_TABLES"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="SMALL+NOTABLES"
     BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_NO_TABLES"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK"
     BUILDOPTIONS="-DLTC_CLEAN_STACK"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+SMALL"
     BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_CLEAN_STACK"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+NOTABLES"
     BUILDOPTIONS="-DLTC_NO_TABLES -DLTC_CLEAN_STACK"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+NOTABLES+SMALL"
     BUILDOPTIONS="-DLTC_NO_TABLES -DLTC_CLEAN_STACK -DLTC_SMALL_CODE"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_FAST"
     BUILDOPTIONS="-DLTC_NO_FAST"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_FAST+NOTABLES"
     BUILDOPTIONS="-DLTC_NO_FAST -DLTC_NO_TABLES"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_ASM"
     BUILDOPTIONS="-DLTC_NO_ASM"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="NO_TIMING_RESISTANCE"
     BUILDOPTIONS="-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+LTC_FORTUNA_RESEED_RATELIMIT_STATIC"
     BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="PTHREAD"
     BUILDOPTIONS="-DLTC_PTHREAD"
-  - |
     BUILDSCRIPT=".ci/run.sh"
-    BUILDNAME="CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+LTC_FORTUNA_RESEED_RATELIMIT_STATIC+PTHREAD"
-    BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC -DLTC_PTHREAD"
   - |
+    BUILDNAME="PTHREAD+CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+LTC_FORTUNA_RESEED_RATELIMIT_STATIC"
+    BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC -DLTC_PTHREAD"
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=1"
     BUILDOPTIONS="-DARGTYPE=1"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=2"
     BUILDOPTIONS="-DARGTYPE=2"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=3"
     BUILDOPTIONS="-DARGTYPE=3"
-  - |
     BUILDSCRIPT=".ci/run.sh"
+  - |
     BUILDNAME="STOCK+ARGTYPE=4"
     BUILDOPTIONS="-DARGTYPE=4"
+    BUILDSCRIPT=".ci/run.sh"
 
 after_failure:
   - cat test_std.txt

demos/demo_dynamic.py

@@ -245,15 +245,29 @@ def digest(self):
         LTC.sha256_done(byref(self.state), byref(md))
         return md.raw
 
+# - - - - - - - - - - - - -
+# a SHA256 app fragment
+
+if SHOW_SHA256_EXAMPLE:
+    print('-'*60)
+    data = b'hello world'               # we want bytes, not Unicode
+
+    sha256 = SHA256()
+    sha256.update(data)
+    md = sha256.digest()
+
+    template = '\n  the SHA256 digest for "%s" is %s \n'
+    print(template % (data, hexlify(md)))
+
 class ChaCha(object):
     def __init__(self, key, rounds):
         self.state   = c_buffer(_get_size(b'chacha_state'))
-        self.counter = c_int(1)
+        self.counter = c_uint(1)
         err = LTC.chacha_setup(byref(self.state), key, len(key), rounds)
         if err != CRYPT_OK:
             raise Exception('LTC.chacha_setup(), err = %d, "%s"' % (err, _err2str(err)))
     def set_iv32(self, iv):
-        err = LTC.chacha_ivctr32(byref(self.state), iv, len(iv), byref(self.counter))
+        err = LTC.chacha_ivctr32(byref(self.state), iv, len(iv), self.counter)
         if err != CRYPT_OK:
             raise Exception('LTC.chacha_ivctr32(), err = %d, "%s"' % (err, _err2str(err)))
     def crypt(self, datain):
@@ -263,20 +277,6 @@ def crypt(self, datain):
             raise Exception('LTC.chacha_crypt(), err = %d, "%s"' % (err, _err2str(err)))
         return dataout.raw
 
-# - - - - - - - - - - - - -
-# a SHA256 app fragment
-
-if SHOW_SHA256_EXAMPLE:
-    print('-'*60)
-    data = b'hello world'               # we want bytes, not Unicode
-
-    sha256 = SHA256()
-    sha256.update(data)
-    md = sha256.digest()
-
-    template = '\n  the SHA256 digest for "%s" is %s \n'
-    print(template % (data, hexlify(md)))
-
 # - - - - - - - - - - - - -
 # a ChaCha app fragment
 

helper.pl

@@ -280,7 +280,7 @@ sub patch_file {
 
 sub version_from_tomcrypt_h {
   my $h = read_file(shift);
-  if ($h =~ /\n#define\s*SCRYPT\s*"([0-9]+)\.([0-9]+)\.([0-9]+)(.*)"/s) {
+  if ($h =~ /\n#define\s*SCRYPT\s*"([0-9]+)\.([0-9]+)\.([0-9]+)(\S*)"/s) {
     return "VERSION_PC=$1.$2.$3", "VERSION_LT=1:1", "VERSION=$1.$2.$3$4", "PROJECT_NUMBER=$1.$2.$3$4";
   }
   else {

makefile

@@ -5,6 +5,11 @@
 #
 #  (GNU make only)
 
+ifeq ($V,0)
+silent_echo= > /dev/null
+else
+silent_echo=
+endif
 ifeq ($V,1)
 silent=
 silent_stdout=
@@ -42,37 +47,37 @@ LTC_EXTRALIBS += $(EXTRALIBS)
 #AES comes in two flavours... enc+dec and enc
 src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
 ifneq ($V,1)
-	@echo "   * ${CC} $@"
+	@echo "   * ${CC} $@" ${silent_echo}
 endif
 	${silent} ${CC} ${LTC_CFLAGS} -DENCRYPT_ONLY -c $< -o $@
 
 .c.o:
 ifneq ($V,1)
-	@echo "   * ${CC} $@"
+	@echo "   * ${CC} $@" ${silent_echo}
 endif
 	${silent} ${CC} ${LTC_CFLAGS} -c $< -o $@
 
 $(LIBNAME): $(OBJECTS)
 ifneq ($V,1)
-	@echo "   * ${AR} $@"
+	@echo "   * ${AR} $@" ${silent_echo}
 endif
 	${silent} $(AR) $(ARFLAGS) $@ $(OBJECTS)
 ifneq ($V,1)
-	@echo "   * ${RANLIB} $@"
+	@echo "   * ${RANLIB} $@" ${silent_echo}
 endif
 	${silent} $(RANLIB) $@
 
 test: $(call print-help,test,Builds the library and the 'test' application to run all self-tests) $(LIBNAME) $(TOBJECTS)
 ifneq ($V,1)
-	@echo "   * ${CC} $@"
+	@echo "   * ${CC} $@" ${silent_echo}
 endif
 	${silent} $(CC) $(LTC_LDFLAGS) $(TOBJECTS) $(LIB_PRE) $(LIBNAME) $(LIB_POST) $(LTC_EXTRALIBS) -o $(TEST)
 
 # build the demos from a template
 define DEMO_template
 $(1): $(call print-help,$(1),Builds the library and the '$(1)' demo) demos/$(1).o $$(LIBNAME)
 ifneq ($V,1)
-	@echo "   * $${CC} $$@"
+	@echo "   * $${CC} $$@" ${silent_echo}
 endif
 	$${silent} $$(CC) $$(LTC_LDFLAGS) $$< $$(LIB_PRE) $$(LIBNAME) $$(LIB_POST) $$(LTC_EXTRALIBS) -o $(1)
 endef

src/ciphers/anubis.c

@@ -1131,6 +1131,11 @@ int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetr
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
+
+   if (skey->anubis.R < 12 || skey->anubis.R > 18) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R);
    return CRYPT_OK;
 }
@@ -1147,6 +1152,11 @@ int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetr
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
+
+   if (skey->anubis.R < 12 || skey->anubis.R > 18) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R);
    return CRYPT_OK;
 }

src/ciphers/rc5.c

@@ -136,6 +136,10 @@ int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
 
+   if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) {
+      return CRYPT_INVALID_ROUNDS;
+   }
+
    LOAD32L(A, &pt[0]);
    LOAD32L(B, &pt[4]);
    A += skey->rc5.K[0];
@@ -192,6 +196,10 @@ int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
 
+   if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) {
+      return CRYPT_INVALID_ROUNDS;
+   }
+
    LOAD32L(A, &ct[0]);
    LOAD32L(B, &ct[4]);
    K = skey->rc5.K + (skey->rc5.rounds << 1);

src/ciphers/safer/saferp.c

@@ -347,6 +347,10 @@ int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetr
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
 
+   if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    /* do eight rounds */
    for (x = 0; x < 16; x++) {
        b[x] = pt[x];
@@ -411,6 +415,10 @@ int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetr
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
 
+   if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) {
+       return CRYPT_INVALID_ROUNDS;
+   }
+
    /* do eight rounds */
    b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0];
    b[1] = (ct[1] - skey->saferp.K[skey->saferp.rounds*2][1]) & 255;

src/encauth/gcm/gcm_gf_mult.c

@@ -13,7 +13,7 @@
 */
 #include "tomcrypt_private.h"
 
-#if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST))
+#if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || (defined(LTC_GCM_MODE) && defined(LTC_FAST))
 
 /* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format.  Since only the
  * lower 16 bits are not zero'ed I removed the upper 14 bytes */

src/headers/tomcrypt.h

@@ -19,7 +19,7 @@
 #include <limits.h>
 
 /* use configuration data */
-#include <tomcrypt_custom.h>
+#include "tomcrypt_custom.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -81,17 +81,17 @@ enum {
    CRYPT_HASH_OVERFLOW      /* Hash applied to too many bits */
 };
 
-#include <tomcrypt_cfg.h>
-#include <tomcrypt_macros.h>
-#include <tomcrypt_cipher.h>
-#include <tomcrypt_hash.h>
-#include <tomcrypt_mac.h>
-#include <tomcrypt_prng.h>
-#include <tomcrypt_pk.h>
-#include <tomcrypt_math.h>
-#include <tomcrypt_misc.h>
-#include <tomcrypt_argchk.h>
-#include <tomcrypt_pkcs.h>
+#include "tomcrypt_cfg.h"
+#include "tomcrypt_macros.h"
+#include "tomcrypt_cipher.h"
+#include "tomcrypt_hash.h"
+#include "tomcrypt_mac.h"
+#include "tomcrypt_prng.h"
+#include "tomcrypt_pk.h"
+#include "tomcrypt_math.h"
+#include "tomcrypt_misc.h"
+#include "tomcrypt_argchk.h"
+#include "tomcrypt_pkcs.h"
 
 #ifdef __cplusplus
    }