Go to file
Steffen Jaeckel cac400cf79 really implement DER decoding resursion limit
PR #373 did not really fix the issue of preventing a potential stack
overflow in case a lot of nested sequences have to be decoded.
Instead it only threw an error after successfully decoding all the nested
sequences.
This change fixes this and prevents the decoding.
2020-06-20 12:28:22 +02:00
.ci run {A,UB}SAN again with GMP 2019-10-11 14:32:22 +02:00
.github add issue and PR templates 2017-10-10 18:08:35 +02:00
demos do timing on actual RSA key sizes 2019-10-17 22:27:54 +02:00
doc Update docs 2019-10-19 16:30:18 +02:00
hooks add pre-commit hook 2017-03-22 11:21:49 +01:00
notes update TV's 2019-10-11 14:20:43 +02:00
src really implement DER decoding resursion limit 2020-06-20 12:28:22 +02:00
tests really implement DER decoding resursion limit 2020-06-20 12:28:22 +02:00
.clang-format add .clang-format 2015-08-25 23:58:08 +02:00
.gitattributes don't export .travis.yml in future releases 2018-01-22 11:09:38 +01:00
.gitignore add aesgcm demo 2018-03-27 14:26:16 +02:00
.travis.yml re-order vars of travis.yml 2019-10-11 14:32:22 +02:00
appveyor.yml also build on appveyor 2019-09-24 13:24:09 +02:00
changes Bump version 2018-07-01 12:51:54 +02:00
coverity.sh add missing file footers 2017-11-09 15:31:51 +01:00
helper.pl add XSTRLEN 2019-10-17 10:29:27 +02:00
libtomcrypt_VS2008.sln improving MS Windows builds (msvc) 2017-03-29 08:48:33 +02:00
libtomcrypt_VS2008.vcproj Update makefiles 2019-10-19 16:30:18 +02:00
libtomcrypt.pc.in drop the need for testprof/makefile* 2017-05-11 23:04:37 +02:00
LICENSE after multiple objections of libtom users [1], we decided to change licensing 2011-01-19 10:18:15 +01:00
makefile don't produce any console-output on make V=0 2019-10-11 14:32:22 +02:00
makefile_include.mk Update makefiles 2019-10-19 16:30:18 +02:00
makefile.mingw Update makefiles 2019-10-19 16:30:18 +02:00
makefile.msvc Update makefiles 2019-10-19 16:30:18 +02:00
makefile.shared TGTLIBTOOL wasn't always defined 2019-06-04 08:50:27 +02:00
makefile.unix Update makefiles 2019-10-19 16:30:18 +02:00
README.md add AppVeyor to README 2019-09-24 14:09:35 +02:00
testme.sh fix paths 2017-10-19 09:54:47 +02:00
updatemakes.sh add missing file footers 2017-11-09 15:31:51 +01:00

libtomcrypt

Previously the git repository contained doc/crypt.pdf for detailed documentation. This was changed and the file is now only available from the tarball of the appropriate version or from the page https://github.com/libtom/libtomcrypt/releases .

Project Status

Travis CI

master: Build Status Coverage Status

develop: Build Status Coverage Status

AppVeyor

master: Build status

develop: Build status

Coverity

Coverity Scan Build Status

ABI Laboratory

API/ABI changes: check here

Submitting patches

Please branch off from develop if you want to submit a patch.

Patch integration will be faster if tests and documentation are included.

Please update the makefiles in a separate commit. To update them simply run the updatemakes.sh script.

If you have something bigger to submit, feel free to contact us beforehand. Then we can give you write access to this repo, so you can open your PR based on this repo and we can easier follow the rebase-before-merge approach we're using (or even do the rebase ourself).

Reviews

We're using Pull Request reviews to make sure that the code is in line with the existing code base.

Please have a look here to get an idea of the approach.

Branches

Please be aware, that all branches besides master and develop can and will be force-pushed, rebased and/or removed!

If you want to rely on such an unstable branch, create your own fork of this repository to make sure nothing breaks for you.

Configuration options

By default the library builds its entire feature set (besides katja) in a (depending on your needs more or less) optimal way.

There are numerous configuration options available if you want to trim down the functionality of the library.

Please have a look at src/headers/tomcrypt_custom.h for all available configuration options.

The following list is a small part of the available, but the most often required, configuration switches.

Flag Behavior
LTC_NO_TEST Remove all algorithm self-tests from the library
LTC_NO_FILE Remove all API functions requiring a pre-defined FILE data-type (mostly useful for embedded targets)
GMP_DESC enable gmp as MPI provider *1
LTM_DESC enable libtommath as MPI provider *1
TFM_DESC enable tomsfastmath as MPI provider *1 *2
USE_GMP use gmp as MPI provider when building the binaries *3
USE_LTM use libtommath as MPI provider when building the binaries *3
USE_TFM use tomsfastmath as MPI provider when building the binaries *3

*1 It is possible to build the library against all MPI providers in parallel and choose at startup-time which math library should be used.

*2 Please be aware that tomsfastmath has the limitation of a fixed max size of MPI's.

*3 Only one is supported at the time & this is only required when building the binaries, not when building the library itself.

Building the library

There are several makefiles provided. Please choose the one that fits best for you.

makefile use-case
makefile builds a static library (GNU Make required)
makefile.shared builds a shared (and static) library (GNU Make required)
makefile.unix for unusual UNIX platforms, or if you do not have GNU Make
makefile.mingw for usage with the mingw compiler on MS Windows
makefile.msvc for usage with the MSVC compiler on MS Windows
libtomcrypt_VS2008.sln A VisualStudio 2008 project for MS Windows

Make targets

The makefiles provide several targets to build (VS project excluded). The following list does not claim to be complete resp. to be available across all makefile variants.

target application
empty target/none given c.f. library
library builds only the library
hashsum builds the hashsum binary, similar to shasum, but with support for all hash-algorithms included in the library *4
ltcrypt builds the ltcrypt binary, implementing something similar to crypt *4
sizes builds the sizes binary, printing all internal data sizes on invocation *4
constants builds the constants binary, printing all internal constants on invocation *4
openssl-enc builds the openssl-enc binary, which is more or less compatible to openssl enc *4 *5
test builds the test binary, which runs all algorithm self-tests + some extended tests *4
timing builds the timing binary, which can be used to measure timings for algorithms and modes *4
bins builds hashsum *4
all_test builds test, hashsum, ltcrypt, small, tv_gen, sizes & constants *4
docs builds the developer documentation doc/crypt.pdf
install installs the library and header files *7 *8
install_bins installs the binaries created by the bins target *7 *8
install_docs installs the documentation created by the docs target *7 *8
install_test installs the test-app created by the test target *7 *8
install_all installs everything (i.e. library, bins, docs and test) *8
uninstall uninstalls the library and header files

*4 also builds library

*5 broken build in some configurations, therefore not built by default

*7 also builds the necessary artifact(s) before installing it

*8 also have a look at the 'Installation' section of this file

Examples

You want to build the library as static library

make

You want to build the library as shared library

make -f makefile.shared

You have libtommath installed on your system and want to build a static library and the test binary to run the self-tests.

make CFLAGS="-DUSE_LTM -DLTM_DESC" EXTRALIBS="-ltommath" test

You have tomsfastmath installed on your system and want to build a shared library and all binaries

make -f makefile.shared CFLAGS="-DUSE_TFM -DTFM_DESC" EXTRALIBS="-ltfm" all demos

You have gmp, libtommath and tomsfastmath installed on your system and want to build a static library and the timing binary to measure timings against gmp.

make CFLAGS="-DUSE_GMP -DGMP_DESC -DLTM_DESC -DTFM_DESC" EXTRALIBS="-lgmp" timing

If you have libtommath in a non-standard location:

make CFLAGS="-DUSE_LTM -DLTM_DESC -I/opt/devel/ltm" EXTRALIBS="/opt/devel/ltm/libtommath.a" all

Installation

There exist several install make-targets which are described in the table above.

These targets support the standard ways (c.f. [GNU], [FreeBSD]) to modify the installation path via the following set of variables:

DESTDIR
PREFIX
LIBPATH
INCPATH
DATAPATH
BINPATH

The entire set of the variables is only supported in makefile, makefile.shared and makefile.unix.

In case you have to use one of the other makefiles, check in the file which variables are supported.

Examples

You want to install the static library to the default paths

make install

You want to install the shared library to a special path and use it from this path

make -f makefile.shared PREFIX=/opt/special/path

Have a look at the developer documentation, [GNU] or [FreeBSD] to get a detailed explanation of all the variables.