Merge pull request #99 from cppalliance/DRBGVS

Implement DRBGVS
cppalliance · Nov 12, 2024 · 2840ff3 · 2840ff3
2 parents acac94f + 124d880
commit 2840ff3
Show file tree

Hide file tree

Showing 7 changed files with 8,154 additions and 9 deletions.
diff --git a/include/boost/crypt/drbg/hmac_drbg.hpp b/include/boost/crypt/drbg/hmac_drbg.hpp
@@ -119,10 +119,14 @@ auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistance>::up
 
     // GCC optimizes this to memcpy (like it should),
     // but then complains about theoretical array boundaries (provided_data_size can be 0)
-    #if defined(__GNUC__) && __GNUC__ >= 5
+    #ifdef __clang__
+    #pragma clang diagnostic push
+    #pragma clang diagnostic ignored "-Wsign-conversion"
+    #elif defined(__GNUC__) && __GNUC__ >= 5
     #pragma GCC diagnostic push
     #pragma GCC diagnostic ignored "-Warray-bounds="
     #pragma GCC diagnostic ignored "-Wrestrict"
+    #pragma GCC diagnostic ignored "-Wsign-conversion"
     #endif
 
     // Step 1: V || 0x00 || provided data
@@ -137,7 +141,9 @@ auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistance>::up
         storage[offset++] = static_cast<boost::crypt::uint8_t>(provided_data[i]);
     }
 
-    #if defined(__GNUC__) && __GNUC__ >= 5
+    #ifdef __clang__
+    #pragma clang diagnostic pop
+    #elif defined(__GNUC__) && __GNUC__ >= 5
     #pragma GCC diagnostic pop
     #endif
 
@@ -269,6 +275,15 @@ inline auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistan
         boost::crypt::array<boost::crypt::uint8_t, 3 * outlen_bytes> seed_material {};
         boost::crypt::size_t offset {};
 
+        // Since we take both pointers or containers entropy[i] could either be size_t or ptrdiff_t
+        #ifdef __clang__
+        #pragma clang diagnostic push
+        #pragma clang diagnostic ignored "-Wsign-conversion"
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic push
+        #pragma GCC diagnostic ignored "-Wsign-conversion"
+        #endif
+
         // Seed material is: entropy_input || nonce || personalization_string
         for (boost::crypt::size_t i {}; i < entropy_size; ++i)
         {
@@ -283,6 +298,12 @@ inline auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistan
             seed_material[offset++] = static_cast<boost::crypt::uint8_t>(personalization[i]);
         }
 
+        #ifdef __clang__
+        #pragma clang diagnostic pop
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic pop
+        #endif
+
         BOOST_CRYPT_ASSERT(offset == total_input_size);
 
         const auto update_return {update(seed_material.begin(), offset)};
@@ -312,6 +333,14 @@ inline auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistan
             return state::out_of_memory; // LCOV_EXCL_LINE
         }
 
+        #ifdef __clang__
+        #pragma clang diagnostic push
+        #pragma clang diagnostic ignored "-Wsign-conversion"
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic push
+        #pragma GCC diagnostic ignored "-Wsign-conversion"
+        #endif
+
         boost::crypt::size_t offset {};
         for (boost::crypt::size_t i {}; i < entropy_size; ++i)
         {
@@ -326,6 +355,12 @@ inline auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistan
             seed_material[offset++] = static_cast<boost::crypt::uint8_t>(personalization[i]);
         }
 
+        #ifdef __clang__
+        #pragma clang diagnostic pop
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic pop
+        #endif
+
         #ifndef BOOST_CRYPT_HAS_CUDA
         const auto update_return {update(seed_material.get(), offset)};
         #else
@@ -368,18 +403,32 @@ auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistance>::re
 
     if (seed_material_size < 3U * min_reseed_entropy)
     {
+        #ifdef __clang__
+        #pragma clang diagnostic push
+        #pragma clang diagnostic ignored "-Wsign-conversion"
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic push
+        #pragma GCC diagnostic ignored "-Wsign-conversion"
+        #endif
+
         // Happy path of static memory init
         boost::crypt::array<boost::crypt::uint8_t, 3U * min_reseed_entropy> seed_material {};
         boost::crypt::size_t offset {};
         for (boost::crypt::size_t i {}; i < entropy_size; ++i)
         {
-            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(*entropy++);
+            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(entropy[i]);
         }
         for (boost::crypt::size_t i {}; i < additional_input_size; ++i)
         {
-            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(*additional_input++);
+            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(additional_input[i]);
         }
 
+        #ifdef __clang__
+        #pragma clang diagnostic pop
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic pop
+        #endif
+
         BOOST_CRYPT_ASSERT(offset == seed_material_size);
 
         const auto update_result {update(seed_material, seed_material_size)};
@@ -407,16 +456,30 @@ auto hmac_drbg<HMACType, max_hasher_security, outlen, prediction_resistance>::re
             return state::out_of_memory; // LCOV_EXCL_LINE
         }
 
+        #ifdef __clang__
+        #pragma clang diagnostic push
+        #pragma clang diagnostic ignored "-Wsign-conversion"
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic push
+        #pragma GCC diagnostic ignored "-Wsign-conversion"
+        #endif
+
         boost::crypt::size_t offset {};
         for (boost::crypt::size_t i {}; i < entropy_size; ++i)
         {
-            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(*entropy++);
+            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(entropy[i]);
         }
         for (boost::crypt::size_t i {}; i < additional_input_size; ++i)
         {
-            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(*additional_input++);
+            seed_material[offset++] = static_cast<boost::crypt::uint8_t>(additional_input[i]);
         }
 
+        #ifdef __clang__
+        #pragma clang diagnostic pop
+        #elif defined(__GNUC__) && __GNUC__ >= 5
+        #pragma GCC diagnostic pop
+        #endif
+
         #ifndef BOOST_CRYPT_HAS_CUDA
         const auto update_return {update(seed_material.get(), seed_material_size)};
         #else

diff --git a/test/Jamfile b/test/Jamfile
@@ -72,6 +72,7 @@ run test_hmac_drbg.cpp ;
 run test_nist_cavs_sha1_monte.cpp ;
 run test_nist_cavs_sha1_short_long.cpp ;
 run test_nist_cavs_sha1_hmac.cpp ;
+run test_nist_cavs_sha1_hmac_drbg.cpp ;
 
 run test_nist_cavs_sha224_monte.cpp ;
 run test_nist_cavs_sha224_short_long.cpp ;