From 873240e7a02f3bb4b13bc07154e86072933052da Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 25 Feb 2018 20:35:49 +0100 Subject: [PATCH 01/28] Merge pull request #350 from libtom/fix/no-file-warnings Fix warnings in `XMAC_file()` functions when compiling with `LTC_NO_FILE`. (cherry picked from commit 11cda2e274b415c6ab6a6a2f49fdbf9d7251897f) --- src/mac/blake2/blake2bmac_file.c | 5 +++++ src/mac/blake2/blake2smac_file.c | 5 +++++ src/mac/f9/f9_file.c | 6 ++++++ src/mac/hmac/hmac_file.c | 6 ++++++ src/mac/omac/omac_file.c | 6 ++++++ src/mac/pmac/pmac_file.c | 6 ++++++ src/mac/poly1305/poly1305_file.c | 5 +++++ src/mac/xcbc/xcbc_file.c | 6 ++++++ 8 files changed, 45 insertions(+) diff --git a/src/mac/blake2/blake2bmac_file.c b/src/mac/blake2/blake2bmac_file.c index 64c9e4d1..c1e9c6b5 100644 --- a/src/mac/blake2/blake2bmac_file.c +++ b/src/mac/blake2/blake2bmac_file.c @@ -23,6 +23,11 @@ int blake2bmac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(mac); + LTC_UNUSED_PARAM(maclen); return CRYPT_NOP; #else blake2bmac_state st; diff --git a/src/mac/blake2/blake2smac_file.c b/src/mac/blake2/blake2smac_file.c index c5248a29..1ac66797 100644 --- a/src/mac/blake2/blake2smac_file.c +++ b/src/mac/blake2/blake2smac_file.c @@ -23,6 +23,11 @@ int blake2smac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(mac); + LTC_UNUSED_PARAM(maclen); return CRYPT_NOP; #else blake2smac_state st; diff --git a/src/mac/f9/f9_file.c b/src/mac/f9/f9_file.c index a6e6532c..04d509bf 100644 --- a/src/mac/f9/f9_file.c +++ b/src/mac/f9/f9_file.c 
@@ -31,6 +31,12 @@ int f9_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; diff --git a/src/mac/hmac/hmac_file.c b/src/mac/hmac/hmac_file.c index 2d10e21c..0e1a1631 100644 --- a/src/mac/hmac/hmac_file.c +++ b/src/mac/hmac/hmac_file.c @@ -30,6 +30,12 @@ int hmac_file(int hash, const char *fname, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(hash); + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else hmac_state hmac; diff --git a/src/mac/omac/omac_file.c b/src/mac/omac/omac_file.c index a9104e8e..3f6a85d0 100644 --- a/src/mac/omac/omac_file.c +++ b/src/mac/omac/omac_file.c @@ -31,6 +31,12 @@ int omac_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(filename); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; diff --git a/src/mac/pmac/pmac_file.c b/src/mac/pmac/pmac_file.c index abe04f1e..fe202a2f 100644 --- a/src/mac/pmac/pmac_file.c +++ b/src/mac/pmac/pmac_file.c @@ -31,6 +31,12 @@ int pmac_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(filename); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; diff --git a/src/mac/poly1305/poly1305_file.c b/src/mac/poly1305/poly1305_file.c index 77263056..e57437b3 100644 --- a/src/mac/poly1305/poly1305_file.c +++ b/src/mac/poly1305/poly1305_file.c 
@@ -28,6 +28,11 @@ int poly1305_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(mac); + LTC_UNUSED_PARAM(maclen); return CRYPT_NOP; #else poly1305_state st; diff --git a/src/mac/xcbc/xcbc_file.c b/src/mac/xcbc/xcbc_file.c index f121cd0e..27eb0dec 100644 --- a/src/mac/xcbc/xcbc_file.c +++ b/src/mac/xcbc/xcbc_file.c @@ -31,6 +31,12 @@ int xcbc_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(filename); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; From 243898972cab95efe4ba46f33ce28dd63c9fce4b Mon Sep 17 00:00:00 2001 From: karel-m <1918753+karel-m@users.noreply.github.com> Date: Mon, 26 Feb 2018 12:55:41 +0100 Subject: [PATCH 02/28] Merge pull request #351 from libtom/pr/fix-time_cipher_lrw LTC_EASY & time_cipher_lrw (cherry picked from commit ea5b6cdce9d369dbf070677575c1c1fd6dc78622) --- demos/timing.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/demos/timing.c b/demos/timing.c index 14a59df3..8f69ed64 100644 --- a/demos/timing.c +++ b/demos/timing.c @@ -466,7 +466,7 @@ static void time_cipher_lrw(void) tally_results(1); } #else -static void time_cipher_lrw(void) { fprintf(stderr, "NO LRW\n"); return 0; } +static void time_cipher_lrw(void) { fprintf(stderr, "NO LRW\n"); } #endif From 67d8ca19f502999c3e2010317e43a9cdbc36ba25 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 7 Dec 2017 10:43:07 +0100 Subject: [PATCH 03/28] ensure that fortuna has been seeded properly (cherry picked from commit 04ce8cf613f635a8445b5de09cdd58847f0fcd64) --- src/prngs/fortuna.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) 
diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index 7b1ecb65..225eedcc 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c @@ -66,9 +66,9 @@ static int _fortuna_reseed(prng_state *prng) { unsigned char tmp[MAXBLOCKSIZE]; hash_state md; + ulong64 reset_cnt; int err, x; - ++prng->fortuna.reset_cnt; /* new K == LTC_SHA256(K || s) where s == LTC_SHA256(P0) || LTC_SHA256(P1) ... */ sha256_init(&md); @@ -77,8 +77,10 @@ static int _fortuna_reseed(prng_state *prng) return err; } + reset_cnt = prng->fortuna.reset_cnt + 1; + for (x = 0; x < LTC_FORTUNA_POOLS; x++) { - if (x == 0 || ((prng->fortuna.reset_cnt >> (x-1)) & 1) == 0) { + if (x == 0 || ((reset_cnt >> (x-1)) & 1) == 0) { /* terminate this hash */ if ((err = sha256_done(&prng->fortuna.pool[x], tmp)) != CRYPT_OK) { sha256_done(&md, tmp); @@ -108,9 +110,10 @@ static int _fortuna_reseed(prng_state *prng) } _fortuna_update_iv(prng); - /* reset pool len */ + /* reset/update internals */ prng->fortuna.pool0_len = 0; prng->fortuna.wd = 0; + prng->fortuna.reset_cnt = reset_cnt; #ifdef LTC_CLEAN_STACK @@ -251,6 +254,11 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state } } + /* ensure that one reseed happened before allowing to read */ + if (prng->fortuna.reset_cnt == 0) { + goto LBL_UNLOCK; + } + /* now generate the blocks required */ tlen = outlen; From b9fa4c063a1e127eddceeebecdb072f462da28a1 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 7 Dec 2017 11:09:43 +0100 Subject: [PATCH 04/28] fortuna_import() shouldn't ignore additional input (cherry picked from commit 0c05e5386f836a8cbf4bfbc12bc9113f974b6d61) --- src/prngs/fortuna.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index 225eedcc..e1056a13 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c 
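Review bot: The pool-selection test rewritten in the `@@ -77,8 +77,10 @@` hunk, `if (x == 0 || ((reset_cnt >> (x-1)) & 1) == 0)`, inspects a single bit of the reseed counter, so pool x is drained whenever bit x-1 happens to be clear (with reset_cnt == 1 every pool except pool 1 is included). If the intent is the Fortuna rule from the paper — include pool i only when 2^i divides the reseed count — the condition would be `if ((reset_cnt & ((((ulong64)1) << x) - 1)) == 0)`, which also covers x == 0; otherwise a comment stating the deliberate deviation would help, because the slow pools then accumulate far less entropy between uses than the design assumes. This behaviour predates the commit and the hunk only relocates the line, so it may be out of scope here; `_fortuna_reseed` starts and ends outside the hunk.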
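Review bot: The new `reset_cnt == 0` guard in the `@@ -251,6 +254,11 @@` hunk leaves through `LBL_UNLOCK`, so the value handed back to the caller comes from code outside the hunk; if that is the byte count (presumably still 0 at this point), an unseeded generator is indistinguishable from a failed reseed or a zero-length request, and a caller that does not compare the return value with `outlen` continues with an unwritten buffer. The function's doc comment should state this contract, e.g. `/* returns 0 until the first reseed has happened (reset_cnt == 0); callers must compare the result with outlen */`. `fortuna_read` starts and ends outside the hunk.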
@@ -413,6 +413,7 @@ LBL_UNLOCK: int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng) { int err, x; + unsigned long len; LTC_ARGCHK(in != NULL); LTC_ARGCHK(prng != NULL); @@ -424,10 +425,14 @@ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prn if ((err = fortuna_start(prng)) != CRYPT_OK) { return err; } - for (x = 0; x < LTC_FORTUNA_POOLS; x++) { - if ((err = fortuna_add_entropy(in+x*32, 32, prng)) != CRYPT_OK) { + x = 0; + while (inlen > 0) { + len = MIN(inlen, 32); + if ((err = fortuna_add_entropy(in+x*32, len, prng)) != CRYPT_OK) { return err; } + x++; + inlen -= len; } return CRYPT_OK; } From 415c57f3afdbb5ac25c2af84a5d931f40142b058 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 7 Dec 2017 11:45:19 +0100 Subject: [PATCH 05/28] don't ignore additional data on SOBER128-PRNG import (cherry picked from commit d502869728298e9cc7d5261cad084e3d6cc4deea) --- src/prngs/sober128.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/prngs/sober128.c b/src/prngs/sober128.c index 8d95491b..275920c0 100644 --- a/src/prngs/sober128.c +++ b/src/prngs/sober128.c @@ -189,7 +189,7 @@ int sober128_import(const unsigned char *in, unsigned long inlen, prng_state *pr if (inlen < (unsigned long)sober128_desc.export_size) return CRYPT_INVALID_ARG; if ((err = sober128_start(prng)) != CRYPT_OK) return err; - if ((err = sober128_add_entropy(in, sober128_desc.export_size, prng)) != CRYPT_OK) return err; + if ((err = sober128_add_entropy(in, inlen, prng)) != CRYPT_OK) return err; return CRYPT_OK; } From 89dffe6c7e2c54a639cf4a470687c3054b6c6617 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 7 Dec 2017 12:00:22 +0100 Subject: [PATCH 06/28] add comment to Fortuna docs (cherry picked from commit cccd1e305302cb28391765d2e5c2ddd21d41385c) --- doc/crypt.tex | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/crypt.tex b/doc/crypt.tex index feab8e09..df0b8483 100644 
--- a/doc/crypt.tex +++ b/doc/crypt.tex @@ -3666,11 +3666,15 @@ key, and any hash that produces at least a 256--bit output. However, to make th it has been fixed to those choices. Fortuna is more secure than Yarrow in the sense that attackers who learn parts of the entropy being -added to the PRNG learn far less about the state than that of Yarrow. Without getting into to many +added to the PRNG learn far less about the state than that of Yarrow. Without getting into too many details Fortuna has the ability to recover from state determination attacks where the attacker starts to learn information from the PRNGs output about the internal state. Yarrow on the other hand, cannot recover from that problem until new entropy is added to the pool and put to use through the ready() function. +For detailed information on how the algorithm works and what you have to do to maintain the secure state +get a copy of the book\footnote{Niels Ferguson and Bruce Schneier, Practical Cryptography. ISBN 0-471-22357-3.} or +read the paper online\footnote{\url{https://www.schneier.com/academic/paperfiles/fortuna.pdf} [Accessed on 7th Dec. 2017]}. + \subsubsection{RC4} RC4 is an old stream cipher that can also double duty as a PRNG in a pinch. You key RC4 by From affb3d70cb9836f56ea393f82c3329a555f56c8d Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 23 Mar 2018 11:30:58 +0100 Subject: [PATCH 07/28] improve fortuna_import() This makes fortuna_import() kinda compliant to the "Update seed file" behavior of the original paper. It differs from the original behavior in that it allows to import seed files which are larger than 64 bytes. (cherry picked from commit 39d4a14c29c97f002b85038bdcdc2a788f83fe73) --- src/prngs/fortuna.c | 61 +++++++++++++++++++++++++++++++++++---------- 1 file changed, 48 insertions(+), 13 deletions(-) diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index e1056a13..6617a27f 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c 
@@ -124,6 +124,46 @@ static int _fortuna_reseed(prng_state *prng) return CRYPT_OK; } +/** + "Update Seed File"-compliant update of K + + @param in The PRNG state + @param inlen Size of the state + @param prng The PRNG to import + @return CRYPT_OK if successful +*/ +static int _fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng) +{ + int err; + unsigned char tmp[MAXBLOCKSIZE]; + hash_state md; + + LTC_MUTEX_LOCK(&prng->lock); + /* new K = LTC_SHA256(K || in) */ + sha256_init(&md); + if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) { + sha256_done(&md, tmp); + goto LBL_UNLOCK; + } + if ((err = sha256_process(&md, in, inlen)) != CRYPT_OK) { + sha256_done(&md, tmp); + goto LBL_UNLOCK; + } + /* finish key */ + if ((err = sha256_done(&md, prng->fortuna.K)) != CRYPT_OK) { + goto LBL_UNLOCK; + } + _fortuna_update_iv(prng); + +LBL_UNLOCK: + LTC_MUTEX_UNLOCK(&prng->lock); +#ifdef LTC_CLEAN_STACK + zeromem(&md, sizeof(md)); +#endif + + return err; +} + /** Start the PRNG @param prng [out] The PRNG state to initialize @@ -412,11 +452,10 @@ LBL_UNLOCK: */ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng) { - int err, x; - unsigned long len; + int err; - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(prng != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(prng != NULL); if (inlen < (unsigned long)fortuna_desc.export_size) { return CRYPT_INVALID_ARG; @@ -425,16 +464,12 @@ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prn if ((err = fortuna_start(prng)) != CRYPT_OK) { return err; } - x = 0; - while (inlen > 0) { - len = MIN(inlen, 32); - if ((err = fortuna_add_entropy(in+x*32, len, prng)) != CRYPT_OK) { - return err; - } - x++; - inlen -= len; + + if ((err = _fortuna_update_seed(in, inlen, prng)) != CRYPT_OK) { + return err; } - return CRYPT_OK; + + return err; } /** From 24aab18d5b30eaf8b3b48a5483f0b5fe3a7af8f1 Mon Sep 17 00:00:00 2001 
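Review bot: The doc comment on the new `_fortuna_update_seed()` mislabels its parameters: `in`/`inlen` are the seed-file bytes being absorbed and `prng` is the generator whose key is replaced, not "The PRNG state" and "The PRNG to import". Suggest `@param in The seed data to mix into K`, `@param inlen Length of the seed data in octets`, `@param prng The PRNG state to update`. Under `LTC_CLEAN_STACK` only `md` is wiped, yet `tmp` receives a digest derived from `K` on the two error paths and should be cleared as well, `zeromem(tmp, sizeof(tmp));`. The function also leaves `reset_cnt` untouched, so given the `reset_cnt == 0` gate added to `fortuna_read()` earlier in this series an imported state presumably cannot be read from until a reseed has run; if that is intended, the comment should say so.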
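Review bot: The tail of `fortuna_import()` in the `@@ -425,16 +464,12 @@` hunk tests `err` only to return it on both branches, so the `if` is redundant; `return _fortuna_update_seed(in, inlen, prng);` expresses the same thing in one line. The body of `fortuna_import` also continues above this hunk, in the `@@ -412,11 +452,10 @@` hunk.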
From: Steffen Jaeckel Date: Tue, 27 Mar 2018 02:25:25 +0200 Subject: [PATCH 08/28] Merge pull request #359 from vchong/ltc_ctr ltc: ctr: improve performance (cherry picked from commit 9b80d07487bed20575b9846ba0d4bcdc280ae8c0) --- src/modes/ctr/ctr_encrypt.c | 93 ++++++++++++++++++++++++------------- 1 file changed, 60 insertions(+), 33 deletions(-) diff --git a/src/modes/ctr/ctr_encrypt.c b/src/modes/ctr/ctr_encrypt.c index 7319cf53..eb7328c2 100644 --- a/src/modes/ctr/ctr_encrypt.c +++ b/src/modes/ctr/ctr_encrypt.c 
@@ -17,47 +17,17 @@ #ifdef LTC_CTR_MODE /** - CTR encrypt + CTR encrypt software implementation @param pt Plaintext @param ct [out] Ciphertext @param len Length of plaintext (octets) @param ctr CTR state @return CRYPT_OK if successful */ -int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) +static int _ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) { int x, err; - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(ctr != NULL); - - if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) { - return err; - } - - /* is blocklen/padlen valid? */ - if (ctr->blocklen < 1 || ctr->blocklen > (int)sizeof(ctr->ctr) || - ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) { - return CRYPT_INVALID_ARG; - } - -#ifdef LTC_FAST - if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) { - return CRYPT_INVALID_ARG; - } -#endif - - /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */ - if ((ctr->padlen == ctr->blocklen) && cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL && (len >= (unsigned long)ctr->blocklen)) { - if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) { - return err; - } - pt += (len / ctr->blocklen) * ctr->blocklen; - ct += (len / ctr->blocklen) * ctr->blocklen; - len %= ctr->blocklen; - } - while (len) { /* is the pad empty? */ if (ctr->padlen == ctr->blocklen) { 
@@ -87,7 +57,7 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s ctr->padlen = 0; } #ifdef LTC_FAST - if (ctr->padlen == 0 && len >= (unsigned long)ctr->blocklen) { + if ((ctr->padlen == 0) && (len >= (unsigned long)ctr->blocklen)) { for (x = 0; x < ctr->blocklen; x += sizeof(LTC_FAST_TYPE)) { *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ctr->pad + x)); 
@@ -105,6 +75,63 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s return CRYPT_OK; } +/** + CTR encrypt + @param pt Plaintext + @param ct [out] Ciphertext + @param len Length of plaintext (octets) + @param ctr CTR state + @return CRYPT_OK if successful +*/ +int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) +{ + int err, fr; + + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(ctr != NULL); + + if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) { + return err; + } + + /* is blocklen/padlen valid? */ + if ((ctr->blocklen < 1) || (ctr->blocklen > (int)sizeof(ctr->ctr)) || + (ctr->padlen < 0) || (ctr->padlen > (int)sizeof(ctr->pad))) { + return CRYPT_INVALID_ARG; + } + +#ifdef LTC_FAST + if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) { + return CRYPT_INVALID_ARG; + } +#endif + + /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */ + if ((cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL) && (len >= (unsigned long)ctr->blocklen)) { + if (ctr->padlen < ctr->blocklen) { + fr = ctr->blocklen - ctr->padlen; + if ((err = _ctr_encrypt(pt, ct, fr, ctr)) != CRYPT_OK) { + return err; + } + pt += fr; + ct += fr; + len -= fr; + } + + if (len >= (unsigned long)ctr->blocklen) { + if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) { + return err; + } + pt += (len / ctr->blocklen) * ctr->blocklen; + ct += (len / ctr->blocklen) * ctr->blocklen; + len %= ctr->blocklen; + } + } + + return _ctr_encrypt(pt, ct, len, ctr); +} + #endif /* ref: $Format:%D$ */ From 70ec9b3b3517e6a95933cd6ab7f152de0a4a1d14 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 4 Apr 2018 19:31:36 +0200 Subject: [PATCH 09/28] back-port of the bugfix done in #363 --- src/prngs/fortuna.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
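Review bot: The comment `/* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */` in the new `ctr_encrypt()` is now stale: the condition beneath it no longer requires `padlen == blocklen`; a partially used pad is drained through `_ctr_encrypt()` first and the accelerator then takes the whole blocks that follow. Suggest `/* accelerator present and at least one block left: finish the partially used pad in software, then hand the remaining whole blocks to the accelerator */`. `fr` is an `int` that is subtracted from the `unsigned long` `len` and passed as the `unsigned long` length of `_ctr_encrypt()`; declaring it `unsigned long fr;` removes the signed/unsigned mix (it is non-negative because `padlen >= 0` was validated just above).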
diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index 6617a27f..1f072334 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c @@ -288,7 +288,7 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state } /* do we have to reseed? */ - if (++prng->fortuna.wd == LTC_FORTUNA_WD || prng->fortuna.pool0_len >= 64) { + if ((++prng->fortuna.wd == LTC_FORTUNA_WD) && (prng->fortuna.pool0_len >= 64)) { if (_fortuna_reseed(prng) != CRYPT_OK) { goto LBL_UNLOCK; } From 3249dcb9638fe2959adb6ee0c5f08bcb8c392d4c Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 6 Apr 2018 10:27:12 +0200 Subject: [PATCH 10/28] allow TAB_SIZE to be defined at compile-time --- src/headers/tomcrypt.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/headers/tomcrypt.h b/src/headers/tomcrypt.h index 5bcc81e6..94d88e81 100644 --- a/src/headers/tomcrypt.h +++ b/src/headers/tomcrypt.h @@ -32,8 +32,10 @@ extern "C" { /* max size of either a cipher/hash block or symmetric key [largest of the two] */ #define MAXBLOCKSIZE 128 +#ifndef TAB_SIZE /* descriptor table size */ #define TAB_SIZE 32 +#endif /* error codes [will be expanded in future releases] */ enum { From 719d297e9fbdbb4305f3fa90d86cc63fe7137e93 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 13 Apr 2018 09:42:47 +0200 Subject: [PATCH 11/28] Merge pull request #373 from libtom/fix/der-recursion-limit implement DER recursion limit (cherry picked from commit af67321bf3cde1a470c679e459ebb8189e38c9bd) --- src/headers/tomcrypt_custom.h | 7 +++++++ src/misc/crypt/crypt.c | 1 + src/misc/crypt/crypt_constants.c | 4 ++++ .../der/sequence/der_decode_sequence_flexi.c | 13 +++++++++++- tests/common.h | 2 ++ tests/der_test.c | 21 +++++++++++++++++++ 6 files changed, 47 insertions(+), 1 deletion(-) diff --git a/src/headers/tomcrypt_custom.h b/src/headers/tomcrypt_custom.h index 80b99578..2d5cfec8 100644 --- a/src/headers/tomcrypt_custom.h +++ b/src/headers/tomcrypt_custom.h 
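Review bot: With `||` turned into `&&`, the `==` test on the watchdog becomes fragile: if `wd` reaches `LTC_FORTUNA_WD` while `pool0_len` is still below 64, no reseed happens, `wd` is not reset (the only visible reset is in `_fortuna_reseed`), and on every later read `wd` is past the threshold, so the first clause never becomes true again until the counter wraps. Unless `wd` is cleared somewhere outside this hunk, `if ((++prng->fortuna.wd >= LTC_FORTUNA_WD) && (prng->fortuna.pool0_len >= 64)) {` keeps the watchdog armed until pool 0 has filled. `fortuna_read` starts and ends outside the hunk.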
@@ -472,6 +472,13 @@ #endif #endif +#if defined(LTC_DER) + #ifndef LTC_DER_MAX_RECURSION + /* Maximum recursion limit when processing nested ASN.1 types. */ + #define LTC_DER_MAX_RECURSION 30 + #endif +#endif + #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) /* Include the MPI functionality? (required by the PK algorithms) */ #define LTC_MPI diff --git a/src/misc/crypt/crypt.c b/src/misc/crypt/crypt.c index 8cecb32e..e5149b07 100644 --- a/src/misc/crypt/crypt.c +++ b/src/misc/crypt/crypt.c @@ -398,6 +398,7 @@ const char *crypt_build_settings = #endif #if defined(LTC_DER) " DER " + " " NAME_VALUE(LTC_DER_MAX_RECURSION) " " #endif #if defined(LTC_PKCS_1) " PKCS#1 " diff --git a/src/misc/crypt/crypt_constants.c b/src/misc/crypt/crypt_constants.c index a7418d5e..1c71862c 100644 --- a/src/misc/crypt/crypt_constants.c +++ b/src/misc/crypt/crypt_constants.c @@ -111,6 +111,7 @@ static const crypt_constant _crypt_constants[] = { #ifdef LTC_DER /* DER handling */ + {"LTC_DER", 1}, _C_STRINGIFY(LTC_ASN1_EOL), _C_STRINGIFY(LTC_ASN1_BOOLEAN), _C_STRINGIFY(LTC_ASN1_INTEGER), @@ -132,6 +133,9 @@ static const crypt_constant _crypt_constants[] = { _C_STRINGIFY(LTC_ASN1_CONSTRUCTED), _C_STRINGIFY(LTC_ASN1_CONTEXT_SPECIFIC), _C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME), + _C_STRINGIFY(LTC_DER_MAX_RECURSION), +#else + {"LTC_DER", 0}, #endif #ifdef LTC_CTR_MODE diff --git a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c index 142ef95a..5577129b 100644 --- a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c +++ b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c @@ -79,7 +79,7 @@ static int _new_element(ltc_asn1_list **l) */ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out) { - ltc_asn1_list *l; + ltc_asn1_list *l, *t; unsigned long err, type, len, totlen, data_offset; void *realloc_tmp; 
@@ -407,6 +407,17 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc l->child->parent = l; } + t = l; + len_len = 0; + while((t != NULL) && (t->child != NULL)) { + len_len++; + t = t->child; + } + if (len_len > LTC_DER_MAX_RECURSION) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } + break; case 0x80: /* Context-specific */ diff --git a/tests/common.h b/tests/common.h index 410db1e8..f2d8dca0 100644 --- a/tests/common.h +++ b/tests/common.h @@ -16,9 +16,11 @@ extern prng_state yarrow_prng; #ifdef LTC_VERBOSE #define DO(x) do { fprintf(stderr, "%s:\n", #x); run_cmd((x), __LINE__, __FILE__, #x, NULL); } while (0) #define DOX(x, str) do { fprintf(stderr, "%s - %s:\n", #x, (str)); run_cmd((x), __LINE__, __FILE__, #x, (str)); } while (0) +#define SHOULD_FAIL(x) do { fprintf(stderr, "%s:\n", #x); run_cmd((x) != CRYPT_OK ? CRYPT_OK : CRYPT_FAIL_TESTVECTOR, __LINE__, __FILE__, #x, NULL); } while (0) #else #define DO(x) do { run_cmd((x), __LINE__, __FILE__, #x, NULL); } while (0) #define DOX(x, str) do { run_cmd((x), __LINE__, __FILE__, #x, (str)); } while (0) +#define SHOULD_FAIL(x) do { run_cmd((x) != CRYPT_OK ? CRYPT_OK : CRYPT_FAIL_TESTVECTOR, __LINE__, __FILE__, #x, NULL); } while (0) #endif void run_cmd(int res, int line, const char *file, const char *cmd, const char *algorithm); diff --git a/tests/der_test.c b/tests/der_test.c index 6dab4247..a6859e80 100644 --- a/tests/der_test.c +++ b/tests/der_test.c 
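Review bot: The depth check in the `@@ -407,6 +407,17 @@` hunk runs after `der_decode_sequence_flexi()` has already recursed into the constructed element (the context line `l->child->parent = l;` shows the child list is complete), so over-nested input is rejected only on the way back out; the recursion, and the stack it consumes, has already happened to the input's full depth, which is exactly what a recursion limit is meant to prevent. A limit that bounds recursion has to be enforced before the recursive call, for instance by moving the body into a static helper that takes a `depth` argument, returns `CRYPT_PK_ASN1_ERROR` when `depth > LTC_DER_MAX_RECURSION`, and is invoked with `depth + 1` for the child, while the public function keeps its signature and passes 0. Reusing `len_len` (declared outside the hunk) as the depth counter also hides the intent; a dedicated `unsigned long depth` would read better.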
@@ -1094,6 +1094,25 @@ static int der_choice_test(void) } +static void _der_recursion_limit(void) +{ + int failed = 0; + unsigned int n; + unsigned long integer = 123, s; + ltc_asn1_list seqs[LTC_DER_MAX_RECURSION + 2], dummy[1], *flexi; + unsigned char buf[2048]; + LTC_SET_ASN1(dummy, 0, LTC_ASN1_SHORT_INTEGER, &integer, 1); + LTC_SET_ASN1(seqs, LTC_DER_MAX_RECURSION + 1, LTC_ASN1_SEQUENCE, dummy, 1); + for (n = 0; n < LTC_DER_MAX_RECURSION + 1; ++n) { + LTC_SET_ASN1(seqs, LTC_DER_MAX_RECURSION - n, LTC_ASN1_SEQUENCE, &seqs[LTC_DER_MAX_RECURSION - n + 1], 1); + } + s = sizeof(buf); + DO(der_encode_sequence(seqs, 1, buf, &s)); + DO(der_decode_sequence(buf, s, seqs, 1)); + SHOULD_FAIL(der_decode_sequence_flexi(buf, &s, &flexi)); + if (failed) exit(EXIT_FAILURE); +} + int der_test(void) { unsigned long x, y, z, zz, oid[2][32]; @@ -1126,6 +1145,8 @@ int der_test(void) unsigned char utf8_buf[32]; wchar_t utf8_out[32]; + + _der_recursion_limit(); der_cacert_test(); DO(mp_init_multi(&a, &b, &c, &d, &e, &f, &g, NULL)); From 92c5082a2546b8d9028b1b615889af2c66f0839a Mon Sep 17 00:00:00 2001 From: karel-m <1918753+karel-m@users.noreply.github.com> Date: Sun, 8 Apr 2018 16:22:05 +0200 Subject: [PATCH 12/28] Merge pull request #375 from libtom/pr/fix-unused-const-variable Fix -Wunused-const-variable in aes_tab.c (cherry picked from commit 5c31c3d01656848fb8647aaab4d1a5f4f45770f1) --- src/ciphers/aes/aes_tab.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/ciphers/aes/aes_tab.c b/src/ciphers/aes/aes_tab.c index 463d05cc..b15596e0 100644 --- a/src/ciphers/aes/aes_tab.c +++ b/src/ciphers/aes/aes_tab.c @@ -94,7 +94,7 @@ static const ulong32 TE0[256] = { 0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL, }; -#ifndef PELI_TAB +#if !defined(PELI_TAB) && defined(LTC_SMALL_CODE) static const ulong32 Te4[256] = { 0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL, 0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL, 
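Review bot: In `_der_recursion_limit()` the local `failed` is initialized to 0 and never assigned, so `if (failed) exit(EXIT_FAILURE);` can never fire; either drop both lines or record the outcome of the `SHOULD_FAIL` check in it. `flexi` is passed to `der_decode_sequence_flexi()` uninitialized and is never released afterwards; `ltc_asn1_list *flexi = NULL;` plus freeing whatever the failing decode may leave behind would keep the test leak-free, though whether the error path already frees a partial list is not visible here.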
@@ -1017,11 +1017,13 @@ static const ulong32 Tks3[] = { #endif /* SMALL CODE */ +#ifndef PELI_TAB static const ulong32 rcon[] = { 0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL, 0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL, 0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ }; +#endif #endif /* __LTC_AES_TAB_C__ */ From 1783100e7bce5b47009864a30fe25c970959d2d1 Mon Sep 17 00:00:00 2001 From: karel-m <1918753+karel-m@users.noreply.github.com> Date: Mon, 9 Apr 2018 08:53:20 +0200 Subject: [PATCH 13/28] Merge pull request #377 from libtom/pr/clang-tidy-void-return clang-tidy: readability-redundant-control-flow (cherry picked from commit 4cc8d08e503af686dd7062ac8edd405b12f48ab4) --- src/math/multi.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/math/multi.c b/src/math/multi.c index da5bb60c..cfe14512 100644 --- a/src/math/multi.c +++ b/src/math/multi.c @@ -67,7 +67,6 @@ void ltc_cleanup_multi(void **a, ...) cur = va_arg(args, void**); } va_end(args); - return; } #endif From 00dfe66081252f04e0aa901993bc23ee5a1f027d Mon Sep 17 00:00:00 2001 From: karel-m <1918753+karel-m@users.noreply.github.com> Date: Mon, 9 Apr 2018 08:55:32 +0200 Subject: [PATCH 14/28] Merge pull request #378 from libtom/pr/clang-tidy-misc-suspicious-string-compare clang-tidy: misc-suspicious-string-compare (cherry picked from commit 24f933d22ab0b6680a3d0f8d0424d15b0273ace7) --- src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c | 2 +- src/pk/rsa/rsa_import_pkcs8.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c b/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c index 68261817..d2d08117 100644 --- a/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c +++ b/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c 
@@ -80,7 +80,7 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in } if ((alg_id[0].size != oid.OIDlen) || - XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) { + XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0])) != 0) { /* OID mismatch */ err = CRYPT_PK_INVALID_TYPE; goto LBL_ERR; diff --git a/src/pk/rsa/rsa_import_pkcs8.c b/src/pk/rsa/rsa_import_pkcs8.c index 8e15e066..0546eb06 100644 --- a/src/pk/rsa/rsa_import_pkcs8.c +++ b/src/pk/rsa/rsa_import_pkcs8.c @@ -114,7 +114,7 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, /* check alg oid */ if ((alg_seq[0].size != rsaoid.OIDlen) || - XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0]))) { + XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0])) != 0) { err = CRYPT_PK_INVALID_TYPE; goto LBL_ERR; } From d16e5b0b05c1a5377dbfe30a3ae2727296a16c7b Mon Sep 17 00:00:00 2001 From: karel-m <1918753+karel-m@users.noreply.github.com> Date: Mon, 9 Apr 2018 08:56:53 +0200 Subject: [PATCH 15/28] Merge pull request #379 from libtom/pr/clang-tidy-misc-misplaced-widening-cast clang-tidy: misc-misplaced-widening-cast (cherry picked from commit 248352c36f0352f8d7cb202499e825900af76151) With back-ported patch from src/misc/copy_or_zeromem.c back to src/encauth/ccm/ccm_memory.c --- src/encauth/ccm/ccm_memory.c | 2 +- src/pk/dsa/dsa_export.c | 2 +- src/pk/dsa/dsa_generate_pqg.c | 4 ++-- src/pk/rsa/rsa_export.c | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/encauth/ccm/ccm_memory.c b/src/encauth/ccm/ccm_memory.c index 3326ce5c..631219e6 100644 --- a/src/encauth/ccm/ccm_memory.c +++ b/src/encauth/ccm/ccm_memory.c 
@@ -52,7 +52,7 @@ int ccm_memory(int cipher, int err; unsigned long len, L, x, y, z, CTRlen; #ifdef LTC_FAST - LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all zeroes */ + LTC_FAST_TYPE fastMask = ~(LTC_FAST_TYPE)0; /* initialize fastMask at all zeroes */ #endif unsigned char mask = 0xff; /* initialize mask at all zeroes */ diff --git a/src/pk/dsa/dsa_export.c b/src/pk/dsa/dsa_export.c index 1f6bb5a3..f3a9f593 100644 --- a/src/pk/dsa/dsa_export.c +++ b/src/pk/dsa/dsa_export.c @@ -69,7 +69,7 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key } } else { if (std) { - unsigned long tmplen = (mp_count_bits(key->y) / 8) + 8; + unsigned long tmplen = (unsigned long)(mp_count_bits(key->y) / 8) + 8; unsigned char* tmp = XMALLOC(tmplen); ltc_asn1_list int_list[3]; diff --git a/src/pk/dsa/dsa_generate_pqg.c b/src/pk/dsa/dsa_generate_pqg.c index 91c7ef70..8c5f5582 100644 --- a/src/pk/dsa/dsa_generate_pqg.c +++ b/src/pk/dsa/dsa_generate_pqg.c @@ -72,8 +72,8 @@ static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int mod */ seedbytes = group_size; - L = modulus_size * 8; - N = group_size * 8; + L = (unsigned long)modulus_size * 8; + N = (unsigned long)group_size * 8; /* XXX-TODO no Lucas test */ #ifdef LTC_MPI_HAS_LUCAS_TEST diff --git a/src/pk/rsa/rsa_export.c b/src/pk/rsa/rsa_export.c index a9885de8..efd61d6f 100644 --- a/src/pk/rsa/rsa_export.c +++ b/src/pk/rsa/rsa_export.c @@ -58,7 +58,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key unsigned char* tmp = NULL; if (type & PK_STD) { - tmplen = (mp_count_bits(key->N)/8)*2+8; + tmplen = (unsigned long)(mp_count_bits(key->N) / 8) * 2 + 8; tmp = XMALLOC(tmplen); ptmplen = &tmplen; if (tmp == NULL) { From 3d6181d0a7ee92987ed9b2893c903eab7cf1aa59 Mon Sep 17 00:00:00 2001 
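Review bot: The comment kept on the changed line, `/* initialize fastMask at all zeroes */`, contradicts the value: `~(LTC_FAST_TYPE)0` sets every bit. Suggest `LTC_FAST_TYPE fastMask = ~(LTC_FAST_TYPE)0; /* initialize fastMask to all ones */`; the neighbouring context line `unsigned char mask = 0xff; /* initialize mask at all zeroes */` has the same mistake and deserves the same fix in a follow-up. `ccm_memory` starts and ends outside the hunk.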
From: Steffen Jaeckel Date: Fri, 24 Nov 2017 07:39:36 +0100 Subject: [PATCH 16/28] there should be no need to pass CFLAGS when linking (cherry picked from commit 196f25e32fafa221e5d1cbe7706cc510434a3212) --- makefile | 2 +- makefile.shared | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/makefile b/makefile index a7ff18fa..cd94b86f 100644 --- a/makefile +++ b/makefile @@ -69,7 +69,7 @@ $(1): $(call print-help,$(1),Builds the library and the '$(1)' demo) demos/$(1). ifneq ($V,1) @echo " * $${CC} $$@" endif - $${silent} $$(CC) $$(LTC_CFLAGS) $$< $$(LIB_PRE) $$(LIBNAME) $$(LIB_POST) $$(EXTRALIBS) -o $(1) + $${silent} $$(CC) $$< $$(LIB_PRE) $$(LIBNAME) $$(LIB_POST) $$(EXTRALIBS) -o $(1) endef $(foreach demo, $(strip $(DEMOS)), $(eval $(call DEMO_template,$(demo)))) diff --git a/makefile.shared b/makefile.shared index 66b9dd5e..2585ce15 100644 --- a/makefile.shared +++ b/makefile.shared 
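Review bot: Dropping `$$(LTC_CFLAGS)` from the demo link line in `makefile` leaves no flags at all at link time, whereas the parallel rules in `makefile.shared` changed by this same commit still pass `$(LTC_LDFLAGS)`. Flags such as `-fsanitize=...`, `-flto` or `-m32` that a user places in CFLAGS must also reach the linker, so unless this makefile never defines it, the rule should read `$${silent} $$(CC) $$(LTC_LDFLAGS) $$< $$(LIB_PRE) $$(LIBNAME) $$(LIB_POST) $$(EXTRALIBS) -o $(1)`. The `DEMO_template` definition begins above the hunk.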
@@ -49,15 +49,15 @@ src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c LOBJECTS = $(OBJECTS:.o=.lo) $(LIBNAME): $(OBJECTS) - $(LT) --mode=link --tag=CC $(CC) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) $(LOBJECTS) $(EXTRALIBS) -o $@ -rpath $(LIBPATH) -version-info $(VERSION_LT) $(NO_UNDEFINED) + $(LT) --mode=link --tag=CC $(CC) $(LTC_LDFLAGS) $(LOBJECTS) $(EXTRALIBS) -o $@ -rpath $(LIBPATH) -version-info $(VERSION_LT) $(NO_UNDEFINED) test: $(call print-help,test,Builds the library and the 'test' application to run all self-tests) $(LIBNAME) $(TOBJECTS) - $(LT) --mode=link --tag=CC $(CC) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) -o $(TEST) $(TOBJECTS) $(LIBNAME) $(EXTRALIBS) + $(LT) --mode=link --tag=CC $(CC) $(LTC_LDFLAGS) -o $(TEST) $(TOBJECTS) $(LIBNAME) $(EXTRALIBS) # build the demos from a template define DEMO_template $(1): $(call print-help,$(1),Builds the library and the '$(1)' demo) demos/$(1).o $$(LIBNAME) - $$(LT) --mode=link --tag=CC $$(CC) $$(LTC_CFLAGS) $$(CPPFLAGS) $$(LTC_LDFLAGS) $$^ $$(EXTRALIBS) -o $(1) + $$(LT) --mode=link --tag=CC $$(CC) $$(LTC_LDFLAGS) $$^ $$(EXTRALIBS) -o $(1) endef $(foreach demo, $(strip $(DEMOS)), $(eval $(call DEMO_template,$(demo)))) From e7f4c6e47fd745158debc466a6a0a3eb1be137cf Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 20 May 2018 10:29:56 +0200 Subject: [PATCH 17/28] Merge pull request #392 from orbea/libtool makefile.shared: Respect LIBTOOL. (cherry picked from commit a528528a2b0bbce7f894c6b572611d80b9705ede) --- makefile.shared | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/makefile.shared b/makefile.shared index 2585ce15..98ec2b50 100644 --- a/makefile.shared +++ b/makefile.shared 
@@ -16,19 +16,19 @@ PLATFORM := $(shell uname | sed -e 's/_.*//') -ifndef LT +ifndef LIBTOOL ifeq ($(PLATFORM), Darwin) - LT:=glibtool + LIBTOOL:=glibtool else - LT:=libtool + LIBTOOL:=libtool endif endif ifeq ($(PLATFORM), CYGWIN) NO_UNDEFINED:=-no-undefined endif -LTCOMPILE = $(LT) --mode=compile --tag=CC $(CC) -INSTALL_CMD = $(LT) --mode=install install -UNINSTALL_CMD = $(LT) --mode=uninstall rm +LTCOMPILE = $(LIBTOOL) --mode=compile --tag=CC $(CC) +INSTALL_CMD = $(LIBTOOL) --mode=install install +UNINSTALL_CMD = $(LIBTOOL) --mode=uninstall rm #Output filenames for various targets. ifndef LIBNAME @@ -49,15 +49,15 @@ src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c LOBJECTS = $(OBJECTS:.o=.lo) $(LIBNAME): $(OBJECTS) - $(LT) --mode=link --tag=CC $(CC) $(LTC_LDFLAGS) $(LOBJECTS) $(EXTRALIBS) -o $@ -rpath $(LIBPATH) -version-info $(VERSION_LT) $(NO_UNDEFINED) + $(LIBTOOL) --mode=link --tag=CC $(CC) $(LTC_LDFLAGS) $(LOBJECTS) $(EXTRALIBS) -o $@ -rpath $(LIBPATH) -version-info $(VERSION_LT) $(NO_UNDEFINED) test: $(call print-help,test,Builds the library and the 'test' application to run all self-tests) $(LIBNAME) $(TOBJECTS) - $(LT) --mode=link --tag=CC $(CC) $(LTC_LDFLAGS) -o $(TEST) $(TOBJECTS) $(LIBNAME) $(EXTRALIBS) + $(LIBTOOL) --mode=link --tag=CC $(CC) $(LTC_LDFLAGS) -o $(TEST) $(TOBJECTS) $(LIBNAME) $(EXTRALIBS) # build the demos from a template define DEMO_template $(1): $(call print-help,$(1),Builds the library and the '$(1)' demo) demos/$(1).o $$(LIBNAME) - $$(LT) --mode=link --tag=CC $$(CC) $$(LTC_LDFLAGS) $$^ $$(EXTRALIBS) -o $(1) + $$(LIBTOOL) --mode=link --tag=CC $$(CC) $$(LTC_LDFLAGS) $$^ $$(EXTRALIBS) -o $(1) endef $(foreach demo, $(strip $(DEMOS)), $(eval $(call DEMO_template,$(demo)))) From 4c2bb90deccd371c52bad2d67c06cc83d3579a79 Mon Sep 17 00:00:00 2001 
From: Steffen Jaeckel
Date: Thu, 31 May 2018 13:51:54 +0200
Subject: [PATCH 18/28] Merge pull request #382 from ararslan/aa/freebsd

Make the build logic more robust for BSD systems

(cherry picked from commit 5ab8dcf04d13494c17e503d121efc79748d5f401)
---
 makefile_include.mk | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/makefile_include.mk b/makefile_include.mk
index 7d619992..5e529525 100644
--- a/makefile_include.mk
+++ b/makefile_include.mk
@@ -13,9 +13,23 @@ ifndef CROSS_COMPILE
 CROSS_COMPILE:=
 endif
 
-ifeq ($(CC),cc)
- CC := $(CROSS_COMPILE)gcc
+# We only need to go through this dance of determining the right compiler if we're using
+# cross compilation, otherwise $(CC) is fine as-is.
+ifneq (,$(CROSS_COMPILE))
+ifeq ($(origin CC),default)
+CSTR := "\#ifdef __clang__\nCLANG\n\#endif\n"
+ifeq ($(PLATFORM),FreeBSD)
+ # XXX: FreeBSD needs extra escaping for some reason
+ CSTR := $$$(CSTR)
 endif
+ifneq (,$(shell echo $(CSTR) | $(CC) -E - | grep CLANG))
+ CC := $(CROSS_COMPILE)clang
+else
+ CC := $(CROSS_COMPILE)gcc
+endif # Clang
+endif # cc is Make's default
+endif # CROSS_COMPILE non-empty
+
 LD:=$(CROSS_COMPILE)ld
 AR:=$(CROSS_COMPILE)ar
 
@@ -24,7 +38,12 @@ AR:=$(CROSS_COMPILE)ar
 ARFLAGS:=r
 
 ifndef MAKE
- MAKE:=make
+# BSDs refer to GNU Make as gmake
+ifneq (,$(findstring $(PLATFORM),FreeBSD OpenBSD DragonFly NetBSD))
+ MAKE=gmake
+else
+ MAKE=make
+endif
 endif
 
 ifndef INSTALL_CMD
From 615b3616739c0195cd0a8a8b181cc702897f6d79 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Sat, 5 May 2018 17:56:41 +0200
Subject: [PATCH 19/28] no need to include wchar.h in all cases

(cherry picked from commit a32d1afd1097ed1534004891d1322aa621473367)
---
 src/headers/tomcrypt_pk.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h
index 4ea6f88a..fb9b07c8 100644
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
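Review bot: The clang probe depends on `echo` turning the `\n` sequences in `$(CSTR)` into real newlines, and that is shell-dependent: dash's echo does it, bash's builtin (the /bin/sh on a number of systems) does not unless xpg_echo is enabled, so `$(CC) -E` then sees one malformed `#ifdef` line, `grep CLANG` matches nothing and the probe quietly selects `$(CROSS_COMPILE)gcc` even on a clang host; the FreeBSD `CSTR := $$$(CSTR)` special case reads like a symptom of exactly that. `printf '%b'` has specified escape handling everywhere, e.g. `ifneq (,$(shell printf '%b' $(CSTR) | $(CC) -E - | grep CLANG))`, which should also let the FreeBSD branch go. It is also worth a comment that the probe runs the host `$(CC)` to decide whether the cross toolchain is clang — that is an assumption about the toolchain, not a detection of it.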
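Review bot: GNU make defines `MAKE` itself (its origin reports `default`, its value the name make was invoked as), so `ifndef MAKE`, which tests for an empty value, is false under every GNU make and the new gmake/make selection never executes — just as the `MAKE:=make` it replaces never did. If the intent is for `$(MAKE) -C doc/` to recurse into gmake on the BSDs, that already happens whenever the top-level invocation was gmake; if an override is really wanted, test `ifeq ($(origin MAKE),default)` as the CC block earlier in this file now does. Separately, `$(findstring $(PLATFORM),FreeBSD OpenBSD DragonFly NetBSD)` is a substring match with PLATFORM as the needle; `$(filter $(PLATFORM),FreeBSD OpenBSD DragonFly NetBSD)` is the exact-word test that is meant.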
@@ -667,16 +667,16 @@ int der_printable_value_decode(int v);
 
 /* UTF-8 */
 #if (defined(SIZE_MAX) || __STDC_VERSION__ >= 199901L || defined(WCHAR_MAX) || defined(__WCHAR_MAX__) || defined(_WCHAR_T) || defined(_WCHAR_T_DEFINED) || defined (__WCHAR_TYPE__)) && !defined(LTC_NO_WCHAR)
-#include
-#if defined(__WCHAR_MAX__)
-#define LTC_WCHAR_MAX __WCHAR_MAX__
-#elif defined(WCHAR_MAX)
-#define LTC_WCHAR_MAX WCHAR_MAX
-#endif
+ #if defined(__WCHAR_MAX__)
+ #define LTC_WCHAR_MAX __WCHAR_MAX__
+ #else
+ #include
+ #define LTC_WCHAR_MAX WCHAR_MAX
+ #endif
 /* please note that it might happen that LTC_WCHAR_MAX is undefined */
 #else
-typedef ulong32 wchar_t;
-#define LTC_WCHAR_MAX 0xFFFFFFFF
+ typedef ulong32 wchar_t;
+ #define LTC_WCHAR_MAX 0xFFFFFFFF
 #endif
 
 int der_encode_utf8_string(const wchar_t *in, unsigned long inlen,
From 4c2ae4758e5de13f7b9891297feccdd3e00998e5 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Sat, 5 May 2018 17:59:11 +0200
Subject: [PATCH 20/28] fix "two-key 3des"-related things

(cherry picked from commit 715103a2038432d93537b0f0419717da4b9ee850)
---
 src/ciphers/des.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/ciphers/des.c b/src/ciphers/des.c
index 28660544..f83c0108 100644
--- a/src/ciphers/des.c
+++ b/src/ciphers/des.c
@@ -36,7 +36,7 @@ const struct ltc_cipher_descriptor des3_desc =
 {
 "3des",
 14,
- 24, 24, 8, 16,
+ 16, 24, 8, 16,
 &des3_setup,
 &des3_ecb_encrypt,
 &des3_ecb_decrypt,
@@ -2068,8 +2068,11 @@ int des_keysize(int *keysize)
 int des3_keysize(int *keysize)
 {
 LTC_ARGCHK(keysize != NULL);
- if(*keysize < 24) {
- return CRYPT_INVALID_KEYSIZE;
+ if (*keysize < 16)
+ return CRYPT_INVALID_KEYSIZE;
+ if (*keysize < 24) {
+ *keysize = 16;
+ return CRYPT_OK;
 }
 *keysize = 24;
 return CRYPT_OK;
From 94132324a90c8b07bd160399dd7b4f9f2d9f8118 Mon Sep 17 00:00:00 2001
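Review bot: The retained comment `/* please note that it might happen that LTC_WCHAR_MAX is undefined */` no longer matches the code above it: both arms of the new `#if defined(__WCHAR_MAX__)` define LTC_WCHAR_MAX unconditionally, the second from WCHAR_MAX after including the wide-char header (its name is lost in this rendering), so the only remaining way for it to stay undefined is a pre-C99 header that lacks WCHAR_MAX. I'd reword it to `/* LTC_WCHAR_MAX may still be undefined if the wchar header predates C99 and lacks WCHAR_MAX */`. Since the `__WCHAR_MAX__` arm no longer includes that header, the `wchar_t` used by the `der_encode_utf8_string` prototype below now has to come from a stddef/stdlib header included earlier — presumably via the library's config header, which is not visible here — and a one-line comment saying so would spare the next reader the hunt.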
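Review bot: The clamp added to `des3_keysize` silently turns every length in 16..23 into 16, i.e. two-key TDEA (K3 = K1), whose effective strength is well below three-key 3DES and which NIST SP 800-131A no longer allows for new encryption; a caller that hands in a 20-byte buffer gets the weaker mode with no signal. Put that in a comment on the new branch, e.g. `/* 16..23 bytes: two-key 3DES (K3 = K1), weaker than the 24-byte three-key form */`, and consider noting it next to the descriptor's new minimum of 16 as well. The first new `if` also drops the braces that the surrounding code and the very next `if` use: `if (*keysize < 16) { return CRYPT_INVALID_KEYSIZE; }`. How des3_setup builds the schedule for a 16-byte key is outside this hunk.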
From: Steffen Jaeckel
Date: Thu, 10 May 2018 00:13:13 +0200
Subject: [PATCH 21/28] fix testvectors for two-key 3des

(cherry picked from commit e4a03ca72ad0d3b54342756090dab92af88a2537)
---
 demos/tv_gen.c | 2 +-
 notes/cipher_tv.txt | 52 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+), 1 deletion(-)

diff --git a/demos/tv_gen.c b/demos/tv_gen.c
index 127c114e..f49c7fd1 100644
--- a/demos/tv_gen.c
+++ b/demos/tv_gen.c
@@ -78,7 +78,7 @@ void cipher_gen(void)
 printf("keysize error: %s\n", error_to_string(err));
 exit(EXIT_FAILURE);
 }
- if (kl == lastkl) break;
+ if (kl == lastkl) continue;
 lastkl = kl;
 fprintf(out, "Key Size: %d bytes\n", kl);
 
diff --git a/notes/cipher_tv.txt b/notes/cipher_tv.txt
index 604f01c2..1bd799f8 100644
--- a/notes/cipher_tv.txt
+++ b/notes/cipher_tv.txt
@@ -1434,6 +1434,58 @@ Key Size: 8 bytes Cipher: 3des +Key Size: 16 bytes + 0: DF0B6C9C31CD0CE4 + 1: 9B3503FDF249920B + 2: 653924639C39E7FF + 3: 6A29E0A7F42025BB + 4: 1628B719BC875D20 + 5: 7D77004A18D0C0B2 + 6: 4D21684EFE962DC1 + 7: B6BD7F82B648A364 + 8: 1F87ABAD83D19E96 + 9: 3DF3533220C3CDED +10: D0E7D0ABFBA68747 +11: 109FE5B38D74E6C9 +12: AE12C4B4D523784F +13: 953CD7F264166764 +14: 70B3A87D72FA0A22 +15: 9C9D09AC66AB8F6D +16: 4A15AEACB35B76F0 +17: EFA32F95623BCF1A +18: 679901F7737E195C +19: 221BB06209DDFCF4 +20: 0889A953C60BB1BF +21: 88F2249380E2D5D9 +22: 5AB26168B7FA24D5 +23: 934229150997D390 +24: 535E4F4C4DA97062 +25: 03E8D711AC2B8154 +26: CB5EF6E72EA3EC49 +27: 9278A864F488C94A +28: CB91B77401DAF004 +29: 4D0BA1C9794E0099 +30: 9CFA24A21F48043F +31: BB6B3A33AEEC01F4 +32: F2A8566E0FF6033D +33: E6AC213000E955E6 +34: 91F5FF42BBE0B81B +35: 6506D72ADEA70E12 +36: F9BD8C0506C7CC4E +37: 89CD85D1C98439ED +38: 409410E3E7D66B10 +39: 4CA64F96F4F3D216 +40: 383D18FBF8C006BC +41: 3806A8CB006EC243 +42: EE73C06D903D2FCF +43: 624BFD3FAD7ED9EB +44: 1B5457F2731FB5D1 +45: 4EC4632DFAC9D5D6 +46: 8F0B3100FAD612C5 +47: F955FCAD55AC6C90 +48: BEB5F023BD413960 +49: BDC369F3288ED754 + Key Size: 24 bytes 0: 58ED248F77F6B19E 1: DA5C39983FD34F30 From 250eced90497121e75b0edc4827c1cba7a9c75c2 Mon Sep 17 00:00:00 2001 From: karel-m <1918753+karel-m@users.noreply.github.com> Date: Tue, 19 Jun 2018 09:30:51 +0200 Subject: [PATCH 22/28] Merge pull request #408 from libtom/pr/fix-cve-2018-12437 ecc_sign_hash blinding CVE-2018-12437 (cherry picked from commit 6aef5e3765cb84dd610883932c170975cf254167) --- src/pk/ecc/ecc_sign_hash.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/pk/ecc/ecc_sign_hash.c b/src/pk/ecc/ecc_sign_hash.c index 46cdfa36..5d435699 100644 --- a/src/pk/ecc/ecc_sign_hash.c +++ b/src/pk/ecc/ecc_sign_hash.c 
@@ -21,7 +21,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
 prng_state *prng, int wprng, ecc_key *key, int sigformat)
 {
 ecc_key pubkey;
- void *r, *s, *e, *p;
+ void *r, *s, *e, *p, *b;
 int err, max_iterations = LTC_PK_MAX_RETRIES;
 unsigned long pbits, pbytes, i, shift_right;
 unsigned char ch, buf[MAXBLOCKSIZE];
@@ -46,7 +46,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
 }
 
 /* init the bignums */
- if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) {
+ if ((err = mp_init_multi(&r, &s, &p, &e, &b, NULL)) != CRYPT_OK) {
 return err;
 }
 if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; }
@@ -82,12 +82,15 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
 if (mp_iszero(r) == LTC_MP_YES) {
 ecc_free(&pubkey);
 } else {
+ if ((err = rand_bn_upto(b, p, prng, wprng)) != CRYPT_OK) { goto error; } /* b = blinding value */
 /* find s = (e + xr)/k */
- if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/k */
+ if ((err = mp_mulmod(pubkey.k, b, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = kb */
+ if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/kb */
 if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */
- if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mod(s, p, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mulmod(s, pubkey.k, p, s)) != CRYPT_OK) { goto error; } /* s = (e + xr)/k */
+ if ((err = mp_mulmod(pubkey.k, s, p, s)) != CRYPT_OK) { goto error; } /* s = xr/kb */
+ if ((err = mp_mulmod(pubkey.k, e, p, e)) != CRYPT_OK) { goto error; } /* e = e/kb */
+ if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e/kb + xr/kb */
+ if ((err = mp_mulmod(s, b, p, s)) != CRYPT_OK) { goto error; } /* s = b(e/kb + xr/kb) = (e + xr)/k */
 ecc_free(&pubkey);
 if (mp_iszero(s) == LTC_MP_NO) {
 break;
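Review bot: `mp_mulmod(pubkey.k, e, p, e)` overwrites `e`, the hash value, in place; if `s` comes out zero the retry loop around this branch (its `do`/`while (--max_iterations)` head is outside the hunk) goes round again with `e` already divided by the previous iteration's `kb`, so the retried signature would be computed over a garbage `e` and fail to verify. The probability is negligible (s == 0 mod n), but the old code never mutated `e`, and the fix is cheap: give the quotient its own bignum — `void *r, *s, *e, *p, *b, *t;`, with `&t`/`t` added to the `mp_init_multi` and `mp_clear_multi` calls in the other hunks — and write `if ((err = mp_mulmod(pubkey.k, e, p, t)) != CRYPT_OK) { goto error; } /* t = e/kb */` followed by `mp_add(t, s, s)`. It would also help to state next to `rand_bn_upto` that `b` must be non-zero mod n, since a zero blinding value makes `mp_invmod` fail the whole call rather than retry; whether rand_bn_upto guarantees that is not visible here.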
@@ -121,7 +124,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen, error: ecc_free(&pubkey); errnokey: - mp_clear_multi(r, s, p, e, NULL); + mp_clear_multi(r, s, p, e, b, NULL); return err; } From 11bdffcf052814e2899030c375021a20dac1921b Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 22 Jun 2018 00:31:44 +0200 Subject: [PATCH 23/28] fix-up 719d297e9fbdbb4305f3fa90d86cc63fe7137e93 --- src/pk/asn1/der/sequence/der_decode_sequence_flexi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c index 5577129b..cb93e8f6 100644 --- a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c +++ b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c @@ -80,7 +80,7 @@ static int _new_element(ltc_asn1_list **l) int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out) { ltc_asn1_list *l, *t; - unsigned long err, type, len, totlen, data_offset; + unsigned long err, type, len, totlen, data_offset, len_len; void *realloc_tmp; LTC_ARGCHK(in != NULL); @@ -414,7 +414,7 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc t = t->child; } if (len_len > LTC_DER_MAX_RECURSION) { - err = CRYPT_PK_ASN1_ERROR; + err = CRYPT_ERROR; goto error; } From 07b626d7a1e25f8a618edbac9a60ea40ee250fba Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 22 Jun 2018 02:05:03 +0200 Subject: [PATCH 24/28] fix-up 250eced90497121e75b0edc4827c1cba7a9c75c2 --- src/math/rand_bn.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/math/rand_bn.c b/src/math/rand_bn.c index a42ba642..aa6539cc 100644 --- a/src/math/rand_bn.c +++ b/src/math/rand_bn.c @@ -8,7 +8,7 @@ */ #include "tomcrypt.h" -#ifdef LTC_MDSA +#if defined(LTC_MDSA) || defined(LTC_MECC) /** Generate a random number N with given bitlength (note: MSB can be 0) */ 
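Review bot: `len_len` is added to the declaration without an initializer and the check `if (len_len > LTC_DER_MAX_RECURSION)` is the only use of it visible in these hunks; where it is reset and advanced per nesting level lies outside both, so I can only flag that if any path reaches the check before it is set the bound compares uninitialized memory — initialising it at the declaration, `… data_offset, len_len = 0;`, costs nothing and makes the check safe regardless. The name reads as "length of the length octets" while the comparison shows it being used as a recursion-depth bound, so a comment at the declaration, `/* len_len: current nesting depth, capped at LTC_DER_MAX_RECURSION */`, or a rename would help the next reader. Switching the failure code from `CRYPT_PK_ASN1_ERROR` to the generic `CRYPT_ERROR` loses the ASN.1 classification for callers that switch on it; if that is because the constant does not exist on this branch, the commit message should say so.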
From bf5ad76c2862bcba196ce0325d6d9b30967f6fe8 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 22 Jun 2018 11:33:14 +0200 Subject: [PATCH 25/28] Merge pull request #414 from libtom/fix/411 Fix/411 (cherry picked from commit 8972027b46dc5ce3151deafd8eee5ea39a7119ff) --- demos/constants.c | 3 ++- demos/sizes.c | 6 ++++-- src/misc/crypt/crypt_constants.c | 25 ++++++++----------------- src/misc/crypt/crypt_sizes.c | 24 ++++++++---------------- 4 files changed, 22 insertions(+), 36 deletions(-) diff --git a/demos/constants.c b/demos/constants.c index f747eb59..50485adc 100644 --- a/demos/constants.c +++ b/demos/constants.c @@ -65,9 +65,10 @@ int main(int argc, char **argv) /* get and print the length of the names (and values) list */ if (crypt_list_all_constants(NULL, &names_list_len) != 0) exit(EXIT_FAILURE); /* get and print the names (and values) list */ - names_list = malloc(names_list_len); + if ((names_list = malloc(names_list_len)) == NULL) exit(EXIT_FAILURE); if (crypt_list_all_constants(names_list, &names_list_len) != 0) exit(EXIT_FAILURE); printf("%s\n", names_list); + free(names_list); } } else if (argc == 3) { if (strcmp(argv[1], "-s") == 0) { diff --git a/demos/sizes.c b/demos/sizes.c index 54d19794..c939b717 100644 --- a/demos/sizes.c +++ b/demos/sizes.c @@ -42,9 +42,10 @@ int main(int argc, char **argv) printf(" need to allocate %u bytes \n\n", sizes_list_len); /* get and print the names (and sizes) list */ - sizes_list = malloc(sizes_list_len); + if ((sizes_list = malloc(sizes_list_len)) == NULL) exit(EXIT_FAILURE); if (crypt_list_all_sizes(sizes_list, &sizes_list_len) != 0) exit(EXIT_FAILURE); printf(" supported sizes:\n\n%s\n\n", sizes_list); + free(sizes_list); } else if (argc == 2) { if (strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0) { char* base = strdup(basename(argv[0])); 
@@ -60,9 +61,10 @@ int main(int argc, char **argv) /* get and print the length of the names (and sizes) list */ if (crypt_list_all_sizes(NULL, &sizes_list_len) != 0) exit(EXIT_FAILURE); /* get and print the names (and sizes) list */ - sizes_list = malloc(sizes_list_len); + if ((sizes_list = malloc(sizes_list_len)) == NULL) exit(EXIT_FAILURE); if (crypt_list_all_sizes(sizes_list, &sizes_list_len) != 0) exit(EXIT_FAILURE); printf("%s\n", sizes_list); + free(sizes_list); } } else if (argc == 3) { if (strcmp(argv[1], "-s") == 0) { diff --git a/src/misc/crypt/crypt_constants.c b/src/misc/crypt/crypt_constants.c index 1c71862c..9b3c9387 100644 --- a/src/misc/crypt/crypt_constants.c +++ b/src/misc/crypt/crypt_constants.c @@ -252,20 +252,16 @@ int crypt_get_constant(const char* namein, int *valueout) { int crypt_list_all_constants(char *names_list, unsigned int *names_list_size) { int i; unsigned int total_len = 0; - char number[32], *ptr; + char *ptr; int number_len; int count = sizeof(_crypt_constants) / sizeof(_crypt_constants[0]); /* calculate amount of memory required for the list */ for (i=0; i= sizeof(number))) + number_len = snprintf(NULL, 0, "%s,%d\n", _crypt_constants[i].name, _crypt_constants[i].value); + if (number_len < 0) return -1; - total_len += number_len + 1; - /* this last +1 is for newlines (and ending NULL) */ + total_len += number_len; } if (names_list == NULL) { @@ -277,16 +273,11 @@ int crypt_list_all_constants(char *names_list, unsigned int *names_list_size) { /* build the names list */ ptr = names_list; for (i=0; i total_len) return -1; + total_len -= number_len; ptr += number_len; - strcpy(ptr, "\n"); - ptr += 1; } /* to remove the trailing new-line */ ptr -= 1; diff --git a/src/misc/crypt/crypt_sizes.c b/src/misc/crypt/crypt_sizes.c index 79b3bd4f..dd857ea7 100644 --- a/src/misc/crypt/crypt_sizes.c +++ b/src/misc/crypt/crypt_sizes.c 
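Review bot: In the sizing loop `total_len += number_len` now counts one `\n` per entry and no terminator, and the result is only NUL-terminated because the last newline is overwritten after `ptr -= 1`; the bounded write in the build loop is garbled in this rendering, but if its bound is the remaining `total_len`, the final snprintf is necessarily truncated by one character (it drops that same newline and writes the NUL) and the `> total_len` check passes only because snprintf reports the untruncated length. The reported size is therefore exact, but by a chain of coincidences nobody will see at a glance, and a later change to either loop breaks it silently. I'd record it at the size loop, e.g. `/* total_len counts a '\n' per entry and no NUL: the last '\n' is replaced by the terminator below */`, or size total_len + 1 and write the terminator explicitly.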
@@ -307,19 +307,16 @@ int crypt_get_size(const char* namein, unsigned int *sizeout) { int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size) { int i; unsigned int total_len = 0; - char number[32], *ptr; + char *ptr; int number_len; int count = sizeof(_crypt_sizes) / sizeof(_crypt_sizes[0]); /* calculate amount of memory required for the list */ for (i=0; i= sizeof(number))) + number_len = snprintf(NULL, 0, "%s,%u\n", _crypt_sizes[i].name, _crypt_sizes[i].size); + if (number_len < 0) return -1; - total_len += (unsigned int)strlen(number) + 1; + total_len += number_len; /* this last +1 is for newlines (and ending NULL) */ } @@ -332,16 +329,11 @@ int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size) { /* build the names list */ ptr = names_list; for (i=0; i total_len) return -1; + total_len -= number_len; ptr += number_len; - strcpy(ptr, "\n"); - ptr += 1; } /* to remove the trailing new-line */ ptr -= 1; From 788a0463b9749729761f4e8a3e14e5800e14aa5b Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 22 Jun 2018 14:25:34 +0200 Subject: [PATCH 26/28] Update changes [skip ci] --- changes | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/changes b/changes index b43c1fd4..0b132bd3 100644 --- a/changes +++ b/changes 
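Review bot: The context comment `/* this last +1 is for newlines (and ending NULL) */` right after the new `total_len += number_len;` is now stale — the `+ 1` it describes was removed in this hunk and `total_len` no longer reserves a byte for the NUL, which the build loop supplies by overwriting the final newline. A comment asserting a +1 that is not there will mislead the next person sizing this buffer; update it to what the count now means, e.g. `/* one '\n' per entry, no NUL: the last '\n' is replaced by the terminator below */`, or drop it. crypt_constants.c in the same commit already removed its copy of the comment, so the two files are now inconsistent.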
@@ -1,3 +1,16 @@ +June XXXth, 2018 +v1.18.2 + -- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408) + -- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373) + -- Fix two-key 3DES (PR #390) + -- Fix accelerated CTR mode (PR #359) + -- Fix Fortuna PRNG (PR #363) + -- Fix compilation on platforms where cc doesn't point to gcc (PR #382) + -- Fix using the wrong environment variable LT instead of LIBTOOL (PR #392) + -- Fix build on platforms where the compiler provides __WCHAR_MAX__ but wchar.h is not available (PR #390) + -- Fix & re-factor crypt_list_all_sizes() and crypt_list_all_constants() (PR #414) + -- Minor fixes (PR's #350 #351 #375 #377 #378 #379) + January 22nd, 2018 v1.18.1 -- Fix wrong SHA3 blocksizes, thanks to Claus Fischer for reporting this via Mail (PR #329) From 54e6db588a96fe8d29984033c56d105babc88210 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 1 Jul 2018 12:51:54 +0200 Subject: [PATCH 27/28] Bump version --- changes | 2 +- doc/Doxyfile | 2 +- makefile.mingw | 2 +- makefile.msvc | 2 +- makefile.unix | 2 +- makefile_include.mk | 4 ++-- src/headers/tomcrypt.h | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/changes b/changes index 0b132bd3..dc56d08d 100644 --- a/changes +++ b/changes @@ -1,4 +1,4 @@ -June XXXth, 2018 +July 1st, 2018 v1.18.2 -- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408) -- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373) diff --git a/doc/Doxyfile b/doc/Doxyfile index 7b200b2f..63144d8e 100644 --- a/doc/Doxyfile +++ b/doc/Doxyfile @@ -38,7 +38,7 @@ PROJECT_NAME = LibTomCrypt # could be handy for archiving the generated documentation or if some version # control system is used. -PROJECT_NUMBER=1.18.1 +PROJECT_NUMBER=1.18.2 # Using the PROJECT_BRIEF tag one can provide an optional one line description # for a project that appears at the top of each page and should give viewer a 
diff --git a/makefile.mingw b/makefile.mingw index e33e2aca..8948ca9f 100644 --- a/makefile.mingw +++ b/makefile.mingw @@ -27,7 +27,7 @@ EXTRALIBS = -L../libtommath -ltommath #Compilation flags LTC_CFLAGS = -Isrc/headers -Itests -DLTC_SOURCE $(CFLAGS) LTC_LDFLAGS = $(LDFLAGS) $(EXTRALIBS) -VERSION=1.18.1 +VERSION=1.18.2 #Libraries to be created LIBMAIN_S =libtomcrypt.a diff --git a/makefile.msvc b/makefile.msvc index 9911d1d2..1efa11c6 100644 --- a/makefile.msvc +++ b/makefile.msvc @@ -22,7 +22,7 @@ EXTRALIBS = ../libtommath/tommath.lib #Compilation flags LTC_CFLAGS = /nologo /Isrc/headers/ /Itests/ /D_CRT_SECURE_NO_WARNINGS /D_CRT_NONSTDC_NO_DEPRECATE /DLTC_SOURCE /W3 $(CFLAGS) LTC_LDFLAGS = advapi32.lib $(EXTRALIBS) -VERSION=1.18.1 +VERSION=1.18.2 #Libraries to be created (this makefile builds only static libraries) LIBMAIN_S =tomcrypt.lib diff --git a/makefile.unix b/makefile.unix index 5e4ef5c0..939f4eab 100644 --- a/makefile.unix +++ b/makefile.unix @@ -39,7 +39,7 @@ EXTRALIBS = ../libtommath/libtommath.a #Compilation flags LTC_CFLAGS = -Isrc/headers -Itests -DLTC_SOURCE $(CFLAGS) LTC_LDFLAGS = $(LDFLAGS) $(EXTRALIBS) -VERSION=1.18.1 +VERSION=1.18.2 #Libraries to be created (this makefile builds only static libraries) LIBMAIN_S =libtomcrypt.a diff --git a/makefile_include.mk b/makefile_include.mk index 5e529525..8f4d40a4 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -3,8 +3,8 @@ # (GNU make only) # The version - BEWARE: VERSION, VERSION_PC and VERSION_LT are updated via ./updatemakes.sh -VERSION=1.18.1 -VERSION_PC=1.18.1 +VERSION=1.18.2 +VERSION_PC=1.18.2 # http://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html VERSION_LT=1:1 diff --git a/src/headers/tomcrypt.h b/src/headers/tomcrypt.h index 94d88e81..f4442d24 100644 --- a/src/headers/tomcrypt.h +++ b/src/headers/tomcrypt.h 
@@ -27,7 +27,7 @@ extern "C" { /* version */ #define CRYPT 0x0118 -#define SCRYPT "1.18.1" +#define SCRYPT "1.18.2" /* max size of either a cipher/hash block or symmetric key [largest of the two] */ #define MAXBLOCKSIZE 128 From a015a8f05fc3bb84bdd0f9f3e40d8ac2d12f6200 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sun, 1 Jul 2018 22:47:05 +0200 Subject: [PATCH 28/28] don't install `test` in target install_all This fixes #396 --- makefile_include.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefile_include.mk b/makefile_include.mk index 8f4d40a4..a48eefe9 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -408,7 +408,7 @@ doc/crypt.pdf: $(call print-help,doc/crypt.pdf,Builds the Developer Manual) $(MAKE) -C doc/ crypt.pdf V=$(V) -install_all: $(call print-help,install_all,Install everything - library bins docs tests) install install_bins install_docs install_test +install_all: $(call print-help,install_all,Install everything - library bins docs tests) install install_bins install_docs INSTALL_OPTS ?= -m 644