diff --git a/.ci/build.sh b/.ci/build.sh index c36df46c0..d9dc412a5 100755 --- a/.ci/build.sh +++ b/.ci/build.sh @@ -69,7 +69,3 @@ if [ -a testok.txt ] && [ -f testok.txt ]; then exit 0 fi exit 1 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/check_source.sh b/.ci/check_source.sh index 3a2731fc4..ce13a09d5 100755 --- a/.ci/check_source.sh +++ b/.ci/check_source.sh @@ -9,7 +9,3 @@ echo "checking..." ./helper.pl --check-all || exit 1 exit 0 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/clang-tidy.sh b/.ci/clang-tidy.sh index c58a67604..bfe37268a 100755 --- a/.ci/clang-tidy.sh +++ b/.ci/clang-tidy.sh @@ -45,7 +45,3 @@ portability-* -- -DUSE_LTM -DLTM_DESC -Isrc/headers -I../libtommath || { echo "c echo "clang-tidy ok" exit 0 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/coverage.sh b/.ci/coverage.sh index e8808f9b7..4ebd0f0dd 100755 --- a/.ci/coverage.sh +++ b/.ci/coverage.sh @@ -45,7 +45,3 @@ else fi exit 0 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/coverage_more.sh b/.ci/coverage_more.sh index 37c73f708..c0681275b 100755 --- a/.ci/coverage_more.sh +++ b/.ci/coverage_more.sh @@ -22,7 +22,3 @@ fi exit 0 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/meta_builds.sh b/.ci/meta_builds.sh index 8c029d6c5..e12c6c494 100755 --- a/.ci/meta_builds.sh +++ b/.ci/meta_builds.sh @@ -110,7 +110,3 @@ echo echo "Build full debug..." make -j$MAKE_JOBS CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$EXTRALIBS" all_test LTC_DEBUG=2 V=1 1>gcc_1.txt 2>gcc_2.txt - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/printinfo.sh b/.ci/printinfo.sh index 21e1fec79..213af5b16 100644 --- a/.ci/printinfo.sh +++ b/.ci/printinfo.sh @@ -18,7 +18,3 @@ then fi echo "${CC}="`${CC} -dumpversion` echo - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/run.sh b/.ci/run.sh index 3109171ba..09a278dd6 100755 --- a/.ci/run.sh +++ b/.ci/run.sh @@ -43,7 +43,3 @@ else fi exit 0 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/testbuild.sh b/.ci/testbuild.sh index 0159774d6..d18f53f59 100755 --- a/.ci/testbuild.sh +++ b/.ci/testbuild.sh @@ -20,7 +20,3 @@ if find testok.txt -type f 1>/dev/null 2>/dev/null ; then exit 0 fi exit 1 - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/.ci/valgrind.sh b/.ci/valgrind.sh index 861b03d25..303358c55 100755 --- a/.ci/valgrind.sh +++ b/.ci/valgrind.sh @@ -41,7 +41,3 @@ readonly VALGRIND_EXTRA_OPTS=$(get_suppfile) valgrind $VALGRIND_OPTS $VALGRIND_EXTRA_OPTS ./test >test_std.txt 2> >(tee -a test_err.txt >&2) || { kill $alive_pid; echo "Valgrind failed"; exit 1; } kill $alive_pid - -# ref: $Format:%D$ -# git commit: $Format:%H$ -# commit time: $Format:%ai$ diff --git a/demos/CMakeLists.txt b/demos/CMakeLists.txt index 7de73093e..6450935a1 100644 --- a/demos/CMakeLists.txt +++ b/demos/CMakeLists.txt @@ -2,12 +2,14 @@ # Options # ----------------------------------------------------------------------------- option(BUILD_USEFUL_DEMOS "Build useful demos (hashsum)" FALSE) -option(BUILD_USABLE_DEMOS "Build usable demos (crypt sizes constants pem-info)" FALSE) -option(BUILD_BROKEN_DEMOS "Build broken demos (aesgcm openssh-privkey openssl-enc timing)" FALSE) +option( + BUILD_USABLE_DEMOS + "Build usable demos (aesgcm constants crypt openssh-privkey openssl-enc pem-info sizes timing)" + FALSE +) option(BUILD_TEST_DEMOS "Build test demos (small tv_gen)" FALSE) option(INSTALL_DEMOS "Install enabled demos (USEFUL and/or USABLE) and ltc wrapper script" FALSE) -option(INSTALL_BROKEN_DEMOS "Install broken demos and ltc wrapper script" FALSE) # ----------------------------------------------------------------------------- # Useful demos @@ -26,30 +28,22 @@ endif() # # Demos that are usable but only rarely make sense to be installed # -# USEABLE_DEMOS = crypt sizes constants pem-info +# USEABLE_DEMOS = aesgcm constants crypt openssh-privkey openssl-enc pem-info sizes timing # ----------------------------------------------------------------------------- if(BUILD_USABLE_DEMOS) - list(APPEND USABLE_DEMOS_TARGETS crypt sizes constants pem-info) -endif() - -# ----------------------------------------------------------------------------- -# Broken demos -# -# Demos that are kind of useful, but in some way broken -# -# * aesgcm - can't be built with LTC_EASY -# * openssl-enc - can't be built with LTC_EASY -# * openssh-privkey - can't be built with LTC_EASY -# * timing - not really broken, but older gcc builds spit warnings -# -# BROKEN_DEMOS = aesgcm openssl-enc openssh-privkey timing -# ----------------------------------------------------------------------------- - -if(BUILD_BROKEN_DEMOS AND INSTALL_BROKEN_DEMOS) - list(APPEND USABLE_DEMOS_TARGETS aesgcm openssh-privkey openssl-enc timing) -elseif(BUILD_BROKEN_DEMOS) - list(APPEND ALL_DEMOS_TARGETS aesgcm openssh-privkey openssl-enc timing) + list( + APPEND + USABLE_DEMOS_TARGETS + aesgcm + constants + crypt + openssh-privkey + openssl-enc + pem-info + sizes + timing + ) endif() # ----------------------------------------------------------------------------- diff --git a/demos/aesgcm.c b/demos/aesgcm.c index fa0e2d340..9aa549a37 100644 --- a/demos/aesgcm.c +++ b/demos/aesgcm.c @@ -16,10 +16,16 @@ #include #include #include -#include #include #include +#ifndef LTC_GCM_MODE +int main(void) +{ + return -1; +} +#else + #include "gcm-file/gcm_filehandle.c" #include "gcm-file/gcm_file.c" @@ -58,33 +64,7 @@ static int mv(const char *old_name, const char *new_name) return 0; } -/* https://stackoverflow.com/a/23898449 */ -static void scan_hex(const char* str, uint8_t* bytes, size_t blen) -{ - uint8_t pos; - uint8_t idx0; - uint8_t idx1; - - const uint8_t hashmap[] = - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, /* 01234567 */ - 0x08, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 89:;<=>? */ - 0x00, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00, /* @ABCDEFG */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* HIJKLMNO */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* PQRSTUVW */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* XYZ[\]^_ */ - 0x00, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00, /* `abcdefg */ - }; - - for (pos = 0; ((pos < (blen*2)) && (pos < XSTRLEN(str))); pos += 2) - { - idx0 = (uint8_t)(str[pos+0] & 0x1F) ^ 0x10; - idx1 = (uint8_t)(str[pos+1] & 0x1F) ^ 0x10; - bytes[pos/2] = (uint8_t)(hashmap[idx0] << 4) | hashmap[idx1]; - } -} - -static void die(int ret) +static void LTC_NORETURN die(int ret) { fprintf(stderr, "Usage: aesgcm <-e|-d> <88|96 char hex-string 'IV | key'>\n"); exit(ret); @@ -97,9 +77,14 @@ int main(int argc, char **argv) uint8_t keybuf[48] = {0}; char *out = NULL; const char *mode, *in_file, *out_file, *key_string; - unsigned long ivlen; + unsigned long ivlen, key_len; - if (argc < 5) die(__LINE__); + if (argc < 5) { + if (argc > 1 && strstr(argv[1], "-h")) + die(0); + else + die(__LINE__); + } arg = 1; mode = argv[arg++]; @@ -116,7 +101,11 @@ int main(int argc, char **argv) keylen = XSTRLEN(key_string); if (keylen != 88 && keylen != 96) die(__LINE__); - scan_hex(key_string, keybuf, keylen/2); + key_len = sizeof(keybuf); + if ((err = base16_decode(key_string, keylen, keybuf, &key_len)) != CRYPT_OK) { + fprintf(stderr, "boooh %s\n", error_to_string(err)); + die(__LINE__); + } register_all_ciphers(); @@ -148,3 +137,4 @@ int main(int argc, char **argv) return ret; } +#endif diff --git a/demos/crypt.c b/demos/crypt.c index a4be30ecd..598d35f1d 100644 --- a/demos/crypt.c +++ b/demos/crypt.c @@ -12,17 +12,29 @@ #include -static int LTC_NORETURN usage(char *name) +static int LTC_NORETURN die(int status) { - int x; - - printf("Usage encrypt: %s cipher infile outfile\n", name); - printf("Usage decrypt: %s -d cipher infile outfile\n", name); - printf("Usage test: %s -t cipher\nCiphers:\n", name); + int x, w, tot = 0; + FILE* o = status == EXIT_SUCCESS ? stdout : stderr; + fprintf(o, + "Usage encrypt: crypt \n" + "Usage decrypt: crypt -d \n" + "Usage test: crypt -t \n" + "This help: crypt -h\n\nCiphers:\n\t"); for (x = 0; cipher_descriptor[x].name != NULL; x++) { - printf("%s\n",cipher_descriptor[x].name); + w = fprintf(o, "%-14s",cipher_descriptor[x].name); + if (w < 0) { + status = EXIT_FAILURE; + break; + } + tot += w; + if (tot >= 70) { + fprintf(o, "\n\t"); + tot = 0; + } } - exit(1); + if (tot != 0) fprintf(o, "\n"); + exit(status); } int main(int argc, char *argv[]) @@ -48,24 +60,24 @@ int main(int argc, char *argv[]) cipher = argv[2]; cipher_idx = find_cipher(cipher); if (cipher_idx == -1) { - printf("Invalid cipher %s entered on command line.\n", cipher); - exit(-1); + fprintf(stderr, "Invalid cipher %s entered on command line.\n", cipher); + die(EXIT_FAILURE); } /* if */ - if (cipher_descriptor[cipher_idx].test) - { - if (cipher_descriptor[cipher_idx].test() != CRYPT_OK) - { - printf("Error when testing cipher %s.\n", cipher); - exit(-1); + if (cipher_descriptor[cipher_idx].test) { + if (cipher_descriptor[cipher_idx].test() != CRYPT_OK) { + fprintf(stderr, "Error when testing cipher %s.\n", cipher); + die(EXIT_FAILURE); } - else - { + else { printf("Testing cipher %s succeeded.\n", cipher); - exit(0); - } /* if ... else */ - } /* if */ + exit(EXIT_SUCCESS); + } + } else { + fprintf(stderr, "Cipher %s has no tests.\n", cipher); + exit(EXIT_SUCCESS); + } } - return usage(argv[0]); + return die(argc > 1 && strstr(argv[1], "-h") != NULL ? EXIT_SUCCESS : EXIT_FAILURE); } if (!strcmp(argv[1], "-d")) { diff --git a/demos/hashsum.c b/demos/hashsum.c index ebf4c4a8d..7670c9249 100644 --- a/demos/hashsum.c +++ b/demos/hashsum.c @@ -41,10 +41,17 @@ static void die(int status) { unsigned long w, x; FILE* o = status == EXIT_SUCCESS ? stdout : stderr; - fprintf(o, "usage: %s -a algorithm [-c] [file...]\n\n", hashsum); - fprintf(o, "\t-c\tCheck the hash(es) of the file(s) written in [file].\n"); - fprintf(o, "\t\t(-a not required)\n"); - fprintf(o, "\nAlgorithms:\n\t"); + fprintf(o, + "Usage: %s [-a ...] [-c|-h] [...]\n\n" + "\t-c\tCheck the hash(es) of the file(s) written in .\n" + "\t\tNote: -a is not required when checking the hash(es).\n" + "\t-h\tThis help\n\n" + "Examples:\n" + "\t%s -a sha1 file > file.sha1sum\n" + "\t%s -c file.sha1sum\n" + "\t%s -a sha1 -a sha256 -a sha512-256 file > file.hashsum\n" + "\t%s -c file.hashsum\n\n" + "Algorithms:\n\t", hashsum, hashsum, hashsum, hashsum, hashsum); w = 0; for (x = 0; hash_descriptor[x].name != NULL; x++) { w += fprintf(o, "%-14s", hash_descriptor[x].name); @@ -67,7 +74,7 @@ static void printf_hex(unsigned char* hash_buffer, unsigned long w) static void check_file(int argn, int argc, char **argv) { - int err, failed, invalid; + int err, failed = 0, invalid = 0; unsigned char is_buffer[MAXBLOCKSIZE], should_buffer[MAXBLOCKSIZE]; char buf[PATH_MAX + (MAXBLOCKSIZE * 3)]; /* iterate through all files */ @@ -82,8 +89,6 @@ static void check_file(int argn, int argc, char **argv) perror(argv[argn]); exit(EXIT_FAILURE); } - failed = 0; - invalid = 0; /* read the file line by line */ while((s = fgets(buf, sizeof(buf), f)) != NULL) { @@ -163,7 +168,7 @@ static void check_file(int argn, int argc, char **argv) } argn++; } - exit(EXIT_SUCCESS); + exit(failed == 0 && invalid == 0 ? EXIT_SUCCESS : EXIT_FAILURE); } int main(int argc, char **argv) @@ -178,7 +183,7 @@ int main(int argc, char **argv) /* You need to register algorithms before using them */ register_all_ciphers(); register_all_hashes(); - if (argc > 1 && (strcmp("-h", argv[1]) == 0 || strcmp("--help", argv[1]) == 0)) { + if (argc > 1 && strstr(argv[1], "-h")) { die(EXIT_SUCCESS); } if (argc < 3) { diff --git a/demos/openssl-enc.c b/demos/openssl-enc.c index b4f777887..8fc1b14fb 100644 --- a/demos/openssl-enc.c +++ b/demos/openssl-enc.c @@ -24,8 +24,6 @@ * - OpenSSL-compatible key derivation (in OpenSSL's modified PKCS#5v1 approach) * - Grabbing an Initialization Vector from the key generator * - Performing simple block encryption using AES - * - PKCS#7-type padding (which hopefully can get ripped out of this demo and - * made a libtomcrypt thing someday). * * This program is free for all purposes without any express guarantee it * works. If you really want to see a license here, assume the WTFPL :-) @@ -38,22 +36,14 @@ */ #include +#include -#ifndef LTC_RIJNDAEL -#error Cannot compile this demo; Rijndael (AES) required -#endif -#ifndef LTC_CBC_MODE -#error Cannot compile this demo; CBC mode required -#endif -#ifndef LTC_PKCS_5 -#error Cannot compile this demo; PKCS5 required -#endif -#ifndef LTC_RNG_GET_BYTES -#error Cannot compile this demo; random generator required -#endif -#ifndef LTC_MD5 -#error Cannot compile this demo; MD5 required -#endif +#if !defined(LTC_RIJNDAEL) || !defined(LTC_CBC_MODE) || !defined(LTC_PKCS_5) || !defined(LTC_RNG_GET_BYTES) || !defined(LTC_MD5) +int main(void) +{ + return -1; +} +#else /* OpenSSL by default only runs one hash round */ #define OPENSSL_ITERATIONS 1 @@ -83,44 +73,33 @@ union paddable { * Output: * Side Effects: print messages and barf (does exit(3)) */ -void barf(const char *pname, const char *err) +static void LTC_NORETURN barf(const char *pname, const char *err) { - printf("Usage: %s infile outfile passphrase [salt]\n", pname); - printf("\n"); - printf(" # encrypts infile->outfile, random salt\n"); - printf(" %s enc infile outfile \"passphrase\"\n", pname); - printf("\n"); - printf(" # encrypts infile->outfile, salt from cmdline\n"); - printf(" %s enc infile outfile pass 0123456789abcdef\n", pname); - printf("\n"); - printf(" # decrypts infile->outfile, pulls salt from infile\n"); - printf(" %s dec infile outfile pass\n", pname); - printf("\n"); - printf(" # decrypts infile->outfile, salt specified\n"); - printf(" # (don't try to read the salt from infile)\n"); - printf(" %s dec infile outfile pass 0123456789abcdef" - "\n", pname); - printf("\n"); - printf("Application Error: %s\n", err); + FILE* o = err == NULL ? stdout : stderr; + fprintf(o, + "Usage: %s infile outfile [passphrase | -] [salt]\n" + "\n" + " The passphrase can either be given at the command line\n" + " or if it's passed as '-' it will be read interactively.\n" + "\n" + " # encrypts infile->outfile, random salt\n" + " %s enc infile outfile pass\n" + "\n" + " # encrypts infile->outfile, salt from cmdline\n" + " %s enc infile outfile pass 0123456789abcdef\n" + "\n" + " # decrypts infile->outfile, pulls salt from infile\n" + " %s dec infile outfile pass\n" + "\n" + " # decrypts infile->outfile, salt specified\n" + " # (don't try to read the salt from infile)\n" + " %s dec infile outfile pass 0123456789abcdef\n" + "\n" + "Application Error: %s\n", pname, pname, pname, pname, pname, err ? err : "None"); if(errno) - perror(" System Error"); - exit(-1); -} - -/* - * Parse a salt value passed in on the cmdline. - * - * Input: string passed in and a buf to put it in (exactly 8 bytes!) - * Output: CRYPT_OK if parsed OK, CRYPT_ERROR if not - * Side Effects: none - */ -int parse_hex_salt(unsigned char *in, unsigned char *out) -{ - int idx; - for(idx=0; idx 1 && strstr(argv[1], "-h")) + barf(argv[0], NULL); /* Check proper number of cmdline args */ if(argc < 5 || argc > 6) @@ -302,9 +318,9 @@ int main(int argc, char *argv[]) { /* Get the salt from wherever */ if(argc == 6) { /* User-provided */ - if(parse_hex_salt((unsigned char*) argv[5], salt) != CRYPT_OK) + if(base16_decode(argv[5], strlen(argv[5]), salt, &saltlen) != CRYPT_OK) BARF("Bad user-specified salt"); - } else if(!strncmp(argv[1], "enc", 3)) { + } else if(encrypt) { /* Encrypting; get from RNG */ if(rng_get_bytes(salt, sizeof(salt), NULL) != sizeof(salt)) BARF("Not enough random data"); @@ -324,9 +340,18 @@ int main(int argc, char *argv[]) { key = keyiv + 0; /* key comes first */ iv = keyiv + KEY_LENGTH; /* iv comes next */ + if (argv[4] && strcmp(argv[4], "-")) { + pass = argv[4]; + } else { + password = getpassword("Enter password: ", 256); + if (!password) + BARF("Could not get password"); + pass = password; + } + /* Run the key derivation from the provided passphrase. This gets us the key and iv. */ - ret = pkcs_5_alg1_openssl((unsigned char*)argv[4], XSTRLEN(argv[4]), salt, + ret = pkcs_5_alg1_openssl(pass, XSTRLEN(pass), salt, OPENSSL_ITERATIONS, hash, keyiv, &keyivlen ); if(ret != CRYPT_OK) BARF("Could not derive key/iv from passphrase"); @@ -353,6 +378,8 @@ int main(int argc, char *argv[]) { BARF("Error during crypt operation"); /* Clean up */ + if(password) free(password); fclose(infd); fclose(outfd); return 0; } +#endif diff --git a/demos/pem-info.c b/demos/pem-info.c index b7c743419..9799ee4b0 100644 --- a/demos/pem-info.c +++ b/demos/pem-info.c @@ -69,9 +69,23 @@ static const char *s_map_mode(enum cipher_mode mode) exit(1); } -int main(void) + +static void LTC_NORETURN die(int status) +{ + FILE* o = status == EXIT_SUCCESS ? stdout : stderr; + fprintf(o, + "Usage: pem-info [<-h>]\n\n" + "Generate LaTeX tables from the supported PEM resp. SSH ciphers.\n\n" + "\t-h\tThe help you're looking at.\n" + ); + exit(status); +} + +int main(int argc, char **argv) { unsigned long n; + if (argc > 1 && strstr(argv[1], "-h")) + die(0); printf("PEM ciphers:\n\n"); for (n = 0; n < pem_dek_infos_num; ++n) { char nbuf[32] = {0}; diff --git a/demos/timing.c b/demos/timing.c index 7dc430c88..e180b0d27 100644 --- a/demos/timing.c +++ b/demos/timing.c @@ -1325,7 +1325,21 @@ static void time_encmacs(void) time_encmacs_(32); } -#define LTC_TEST_FN(f) { f, #f } +static void LTC_NORETURN die(int status) +{ + FILE* o = status == EXIT_SUCCESS ? stdout : stderr; + fprintf(o, + "Usage: timing [<-h|-l|alg>] [mpi]\n\n" + "Run timing tests of all built-in algorithms, or only the one given in .\n\n" + "\talg\tThe algorithm to test. Use the '-l' option to check for valid values.\n" + "\tmpi\tThe MPI provider to use.\n" + "\t-l\tList all built-in algorithms that can be timed.\n" + "\t-h\tThe help you're looking at.\n" + ); + exit(status); +} + +#define LTC_TEST_FN(f) { time_ ## f, #f } int main(int argc, char **argv) { int err; @@ -1335,26 +1349,37 @@ const struct void (*fn)(void); const char* name; } test_functions[] = { - LTC_TEST_FN(time_keysched), - LTC_TEST_FN(time_cipher_ecb), - LTC_TEST_FN(time_cipher_cbc), - LTC_TEST_FN(time_cipher_ctr), - LTC_TEST_FN(time_cipher_lrw), - LTC_TEST_FN(time_hash), - LTC_TEST_FN(time_macs), - LTC_TEST_FN(time_encmacs), - LTC_TEST_FN(time_prng), - LTC_TEST_FN(time_mult), - LTC_TEST_FN(time_sqr), - LTC_TEST_FN(time_rsa), - LTC_TEST_FN(time_dsa), - LTC_TEST_FN(time_ecc), - LTC_TEST_FN(time_dh), + LTC_TEST_FN(keysched), + LTC_TEST_FN(cipher_ecb), + LTC_TEST_FN(cipher_cbc), + LTC_TEST_FN(cipher_ctr), + LTC_TEST_FN(cipher_lrw), + LTC_TEST_FN(hash), + LTC_TEST_FN(macs), + LTC_TEST_FN(encmacs), + LTC_TEST_FN(prng), + LTC_TEST_FN(mult), + LTC_TEST_FN(sqr), + LTC_TEST_FN(rsa), + LTC_TEST_FN(dsa), + LTC_TEST_FN(ecc), + LTC_TEST_FN(dh), }; char *single_test = NULL; unsigned int i; const char* mpi_provider = NULL; +if (argc > 1) { + if (strstr(argv[1], "-h")) { + die(EXIT_SUCCESS); + } else if (strstr(argv[1], "-l")) { + for (i = 0; i < sizeof(test_functions)/sizeof(test_functions[0]); ++i) { + printf("%s\n", test_functions[i].name); + } + exit(0); + } +} + init_timer(); register_all_ciphers(); register_all_hashes(); @@ -1374,7 +1399,9 @@ register_all_prngs(); mpi_provider = argv[2]; } - crypt_mp_init(mpi_provider); + if (crypt_mp_init(mpi_provider) != CRYPT_OK) { + fprintf(stderr, "Init of MPI provider \"%s\" failed\n", mpi_provider ? mpi_provider : "(null)"); + } if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) { fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err)); diff --git a/demos/tv_gen.c b/demos/tv_gen.c index 5cef75273..46ed287fe 100644 --- a/demos/tv_gen.c +++ b/demos/tv_gen.c @@ -11,7 +11,8 @@ static void hash_gen(void) out = fopen("hash_tv.txt", "w"); if (out == NULL) { - perror("can't open hash_tv"); + perror("can't open hash_tv.txt"); + return; } fprintf(out, "Hash Test Vectors:\n\nThese are the hashes of nn bytes '00 01 02 03 .. (nn-1)'\n\n"); @@ -766,8 +767,26 @@ static void lrw_gen(void) } #endif -int main(void) +static void LTC_NORETURN die(int status) { + FILE* o = status == EXIT_SUCCESS ? stdout : stderr; + fprintf(o, + "Usage: tv_gen [<-h>]\n\n" + "Generate the internal test-vectors.\n\n" + "\t-h\tThe help you're looking at.\n" + ); + exit(status); +} + +int main(int argc, char **argv) +{ + if (argc > 1) { + if (strstr(argv[1], "-h")) { + die(EXIT_SUCCESS); + } else { + die(EXIT_FAILURE); + } + } register_all_ciphers(); register_all_hashes(); register_all_prngs(); diff --git a/makefile b/makefile index 70d40d654..ddddb6cc9 100644 --- a/makefile +++ b/makefile @@ -13,9 +13,11 @@ endif ifeq ($V,1) silent= silent_stdout= +silent_stderr= else silent=@ silent_stdout= > /dev/null +silent_stderr= 2> /dev/null endif PLATFORM := $(shell uname | sed -e 's/_.*//') diff --git a/makefile_include.mk b/makefile_include.mk index 233133bea..c87550baf 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -55,13 +55,13 @@ endif ifndef EXTRALIBS ifneq ($(shell echo $(CFLAGS) | grep USE_LTM),) -EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs libtommath) -else -ifneq ($(shell echo $(CFLAGS) | grep USE_TFM),) -EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs tomsfastmath) -endif -endif +EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs libtommath ${silent_stderr} || true) +else ifneq ($(shell echo $(CFLAGS) | grep USE_TFM),) +EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs tomsfastmath ${silent_stderr} || true) +else ifneq ($(shell echo $(CFLAGS) | grep USE_GMP),) +EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs gmp ${silent_stderr} || true) endif +endif # EXTRALIBS need-help := $(filter help,$(MAKECMDGOALS)) define print-help @@ -77,13 +77,13 @@ endef # make CFLAGS="-I./src/headers/ -DLTC_SOURCE ..." ... # ifneq ($(shell echo $(CFLAGS) | grep LTM_DESC),) -LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I libtommath) +LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I libtommath ${silent_stderr} || true) endif ifneq ($(shell echo $(CFLAGS) | grep TFM_DESC),) -LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I tomsfastmath) +LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I tomsfastmath ${silent_stderr} || true) endif ifneq ($(shell echo $(CFLAGS) | grep GMP_DESC),) -LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I gmp) +LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I gmp ${silent_stderr} || true) endif LTC_CFLAGS += -I./src/headers/ -DLTC_SOURCE -Wall -Wsign-compare -Wshadow @@ -171,18 +171,11 @@ TEST=test USEFUL_DEMOS = hashsum # Demos that are usable but only rarely make sense to be installed -USEABLE_DEMOS = crypt sizes constants pem-info +USEABLE_DEMOS = aesgcm constants crypt openssh-privkey openssl-enc pem-info sizes timing # Demos that are used for testing or measuring TEST_DEMOS = small tv_gen -# Demos that are in one config broken -# aesgcm - can't be built with LTC_EASY -# openssl-enc - can't be built with LTC_EASY -# openssh-privkey - can't be built with LTC_EASY -# timing - not really broken, but older gcc builds spit warnings -BROKEN_DEMOS = aesgcm openssl-enc openssh-privkey timing - # Combine demos in groups UNBROKEN_DEMOS = $(TEST_DEMOS) $(USEABLE_DEMOS) $(USEFUL_DEMOS) DEMOS = $(UNBROKEN_DEMOS) $(BROKEN_DEMOS) diff --git a/src/headers/tomcrypt.h b/src/headers/tomcrypt.h index 5d44c961f..8fddb432c 100644 --- a/src/headers/tomcrypt.h +++ b/src/headers/tomcrypt.h @@ -75,6 +75,10 @@ enum { CRYPT_HASH_OVERFLOW, /* Hash applied to too many bits */ CRYPT_PW_CTX_MISSING, /* Password context to decrypt key file is missing */ CRYPT_UNKNOWN_PEM, /* The PEM header was not recognized */ + + /* Here only follows the number of error codes. + * This will never be returned and shall always be at the end of the enum. */ + CRYPT_ERR_NUM }; #include "tomcrypt_cfg.h" diff --git a/src/headers/tomcrypt_cfg.h b/src/headers/tomcrypt_cfg.h index 294b6bd44..c6c1fe13c 100644 --- a/src/headers/tomcrypt_cfg.h +++ b/src/headers/tomcrypt_cfg.h @@ -91,6 +91,9 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); #define ENDIAN_LITTLE #define ENDIAN_64BITWORD #define LTC_FAST + #if defined(_ILP32) || defined(__ILP32__) + #define ENDIAN_64BITWORD_X32 + #endif #endif /* detect PPC32 */ diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index de9f81ccc..8c6d8a7ba 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -11,7 +11,8 @@ #define LTC_PAD_MASK (0xF000U) -#if defined(ENDIAN_64BITWORD) +/* only real 64bit, not x32 */ +#if defined(ENDIAN_64BITWORD) && !defined(ENDIAN_64BITWORD_X32) #define CONSTPTR(n) CONST64(n) #else #define CONSTPTR(n) n ## uL diff --git a/src/misc/error_to_string.c b/src/misc/error_to_string.c index 923636e56..631fdbced 100644 --- a/src/misc/error_to_string.c +++ b/src/misc/error_to_string.c @@ -8,7 +8,7 @@ Convert error codes to ASCII strings, Tom St Denis */ -static const char * const err_2_str[] = +static const char * const err_2_str[CRYPT_ERR_NUM] = { "CRYPT_OK", "CRYPT_ERROR", @@ -44,19 +44,18 @@ static const char * const err_2_str[] = "The input was longer than expected.", - "Invalid sized parameter.", + "Invalid size input for PK parameters.", "Invalid size for prime.", - "Invalid padding.", "Hash applied to too many bits.", - "Password context to decrypt key file is missing.", - "The PEM header was not recognized", }; +LTC_STATIC_ASSERT(correct_err_2_str_size, (sizeof(err_2_str)/sizeof(err_2_str[0])) == CRYPT_ERR_NUM) + /** Convert an LTC error code to ASCII @param err The error code @@ -64,7 +63,7 @@ static const char * const err_2_str[] = */ const char *error_to_string(int err) { - if (err < 0 || err >= (int)(sizeof(err_2_str)/sizeof(err_2_str[0]))) { + if (err < 0 || err >= CRYPT_ERR_NUM) { return "Invalid error code."; } return err_2_str[err]; diff --git a/tests/multi_test.c b/tests/multi_test.c index dc4649804..99b055a54 100644 --- a/tests/multi_test.c +++ b/tests/multi_test.c @@ -15,7 +15,7 @@ int multi_test(void) /* HASH testing */ len = sizeof(buf[0]); -#if defined(ENDIAN_32BITWORD) || defined(_WIN32) +#if defined(ENDIAN_32BITWORD) || defined(_WIN32) || defined(ENDIAN_64BITWORD_X32) len2 = 0x80000000UL; #else /* Check against the max. input limit of SHA-1 as of RFC8017 */