upgrade libtomcrypt

MAINTENANCE

@@ -31,7 +31,7 @@ sqlite3.c
 Update code from https://github.com/libtom/libtomcrypt
 ------------------------------------------------------
 
-Current HEAD: cfbd7f8d364e1438555ff2a247f7e17add11840e
-(from develop branch, 2020-08-29)
+Current HEAD: 1e629e6f64661a01b9f6164a50080c43cd4d7b84
+(from develop branch, 2023-06-22)
 
 Use ./track_libtomcrypt.sh

aes.c

@@ -44,15 +44,6 @@ const struct ltc_cipher_descriptor rijndael_desc =
     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
-const struct ltc_cipher_descriptor aes_desc =
-{
-    "aes",
-    6,
-    16, 32, 16, 10,
-    SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
 #else
 
 #define SETUP    rijndael_enc_setup
@@ -69,15 +60,6 @@ const struct ltc_cipher_descriptor rijndael_enc_desc =
     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
-const struct ltc_cipher_descriptor aes_enc_desc =
-{
-    "aes",
-    6,
-    16, 32, 16, 10,
-    SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
 #endif
 
 #define LTC_AES_TAB_C

compare_testvector.c

@@ -64,12 +64,12 @@ int compare_testvector(const void* is, const unsigned long is_len, const void* s
    }
 #if defined(LTC_TEST) && defined(LTC_TEST_DBG)
    if (res != 0) {
-      fprintf(stderr, "Testvector #%i of %s failed:\n", which, what);
+      fprintf(stderr, "Testvector #%i(0x%x) of %s failed:\n", which, which, what);
       s_print_hex("SHOULD", should, should_len);
       s_print_hex("IS    ", is, is_len);
 #if LTC_TEST_DBG > 1
    } else {
-      fprintf(stderr, "Testvector #%i of %s passed!\n", which, what);
+      fprintf(stderr, "Testvector #%i(0x%x) of %s passed!\n", which, which, what);
 #endif
    }
 #else

pkcs_5_2.c

@@ -36,6 +36,10 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len,
    LTC_ARGCHK(out      != NULL);
    LTC_ARGCHK(outlen   != NULL);
 
+   if (iteration_count <= 0) {
+      return CRYPT_INVALID_ARG;
+   }
+
    /* test hash IDX */
    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
       return err;

tomcrypt_cfg.h

@@ -3,7 +3,7 @@
 
 /* This is the build config file.
  *
- * With this you can setup what to inlcude/exclude automatically during any build.  Just comment
+ * With this you can setup what to include/exclude automatically during any build.  Just comment
  * out the line that #define's the word for the thing you want to remove.  phew!
  */
 
@@ -91,6 +91,11 @@ LTC_EXPORT int   LTC_CALL XSTRCMP(const char *s1, const char *s2);
    #define ENDIAN_LITTLE
    #define ENDIAN_64BITWORD
    #define LTC_FAST
+   #if defined(__SSE4_1__)
+      #if __SSE4_1__ == 1
+         #define LTC_AMD64_SSE4_1
+      #endif
+   #endif
 #endif
 
 /* detect PPC32 */
@@ -105,7 +110,7 @@ LTC_EXPORT int   LTC_CALL XSTRCMP(const char *s1, const char *s2);
    #define ENDIAN_64BITWORD
    #if defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__)
      #define ENDIAN_BIG
-   #endif
+   #else
      #define ENDIAN_LITTLE
    #endif
 #endif
@@ -182,7 +187,8 @@ LTC_EXPORT int   LTC_CALL XSTRCMP(const char *s1, const char *s2);
       defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ || \
       defined(__BIG_ENDIAN__) || \
       defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
-      defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__)
+      defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) || \
+      defined(__m68k__)
     #define ENDIAN_BIG
   #elif defined(_BYTE_ORDER) && _BYTE_ORDER == _LITTLE_ENDIAN || \
       defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \
@@ -288,6 +294,21 @@ typedef unsigned long ltc_mp_digit;
    #define LTC_HAVE_ROTATE_BUILTIN
 #endif
 
+#if defined(__GNUC__)
+   #define LTC_ALIGN(n) __attribute__((aligned(n)))
+#else
+   #define LTC_ALIGN(n)
+#endif
+
+/* Define `LTC_NO_NULL_TERMINATION_CHECK` in the user code
+ * before including `tomcrypt.h` to disable this functionality.
+ */
+#if defined(__GNUC__) && __GNUC__ >= 4 && !defined(LTC_NO_NULL_TERMINATION_CHECK)
+#   define LTC_NULL_TERMINATED __attribute__((sentinel))
+#else
+#   define LTC_NULL_TERMINATED
+#endif
+
 #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)
 #  define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s)))
 #  define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s)
@@ -303,3 +324,5 @@ typedef unsigned long ltc_mp_digit;
 #  define LTC_DEPRECATED(s)
 #  define LTC_DEPRECATED_PRAGMA(s)
 #endif
+
+#endif /* TOMCRYPT_CFG_H */

tomcrypt_cipher.h

@@ -35,7 +35,8 @@ struct saferp_key {
 
 #ifdef LTC_RIJNDAEL
 struct rijndael_key {
-   ulong32 eK[60], dK[60];
+   ulong32 eK[60] LTC_ALIGN(16);
+   ulong32 dK[60] LTC_ALIGN(16);
    int Nr;
 };
 #endif
@@ -318,9 +319,9 @@ typedef struct {
                        ctrlen;
 
    /** The counter */
-   unsigned char       ctr[MAXBLOCKSIZE],
+   unsigned char       ctr[MAXBLOCKSIZE];
    /** The pad used to encrypt/decrypt */
-                       pad[MAXBLOCKSIZE];
+   unsigned char       pad[MAXBLOCKSIZE] LTC_ALIGN(16);
    /** The scheduled key */
    symmetric_key       key;
 } symmetric_CTR;
@@ -688,18 +689,19 @@ extern const struct ltc_cipher_descriptor safer_k64_desc, safer_k128_desc, safer
 #endif
 
 #ifdef LTC_RIJNDAEL
-
-/* make aes an alias */
-#define aes_setup           rijndael_setup
-#define aes_ecb_encrypt     rijndael_ecb_encrypt
-#define aes_ecb_decrypt     rijndael_ecb_decrypt
-#define aes_test            rijndael_test
-#define aes_done            rijndael_done
-#define aes_keysize         rijndael_keysize
-
-#define aes_enc_setup           rijndael_enc_setup
-#define aes_enc_ecb_encrypt     rijndael_enc_ecb_encrypt
-#define aes_enc_keysize         rijndael_enc_keysize
+/* declare aes properly now */
+int aes_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
+int aes_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int aes_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
+int aes_test(void);
+void aes_done(symmetric_key *skey);
+int aes_keysize(int *keysize);
+int aes_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
+int aes_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+void aes_enc_done(symmetric_key *skey);
+int aes_enc_keysize(int *keysize);
+extern const struct ltc_cipher_descriptor aes_desc;
+extern const struct ltc_cipher_descriptor aes_enc_desc;
 
 int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
@@ -711,8 +713,19 @@ int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, sym
 int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
 void rijndael_enc_done(symmetric_key *skey);
 int rijndael_enc_keysize(int *keysize);
-extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc;
-extern const struct ltc_cipher_descriptor rijndael_enc_desc, aes_enc_desc;
+extern const struct ltc_cipher_descriptor rijndael_desc;
+extern const struct ltc_cipher_descriptor rijndael_enc_desc;
+#endif
+
+#if defined(LTC_AES_NI) && defined(LTC_AMD64_SSE4_1)
+int aesni_is_supported(void);
+int aesni_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
+int aesni_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int aesni_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
+int aesni_test(void);
+void aesni_done(symmetric_key *skey);
+int aesni_keysize(int *keysize);
+extern const struct ltc_cipher_descriptor aesni_desc;
 #endif
 
 #ifdef LTC_XTEA

tomcrypt_custom.h

@@ -114,7 +114,7 @@
 
    #define LTC_NO_MISC
    #define LTC_BASE64
-#endif
+#endif /* LTC_EASY */
 
 /* The minimal set of functionality to run the tests */
 #ifdef LTC_MINIMAL
@@ -129,7 +129,7 @@
    #define LTC_TRY_URANDOM_FIRST
 
    #undef LTC_NO_FILE
-#endif
+#endif /* LTC_MINIMAL */
 
 /* Enable self-test test vector checking */
 #ifndef LTC_NO_TEST
@@ -179,6 +179,7 @@
 #define LTC_RC6
 #define LTC_SAFERP
 #define LTC_RIJNDAEL
+#define LTC_AES_NI
 #define LTC_XTEA
 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format
  * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */
@@ -357,7 +358,7 @@
   #define LTC_YARROW_AES 2
 #endif
 
-#endif
+#endif /* LTC_YARROW */
 
 #ifdef LTC_FORTUNA
 
@@ -553,7 +554,7 @@
    #define LTC_ECC_SECP384R1
    #define LTC_ECC_SECP521R1
 #endif
-#endif
+#endif /* LTC_MECC */
 
 #if defined(LTC_DER)
    #ifndef LTC_DER_MAX_RECURSION
@@ -585,6 +586,11 @@
    #define LTC_PBES
 #endif
 
+#if defined(LTC_CLEAN_STACK)
+/* if you're sure that you want to use it, remove the line below */
+   #error LTC_CLEAN_STACK is considered as broken
+#endif
+
 #if defined(LTC_PBES) && !defined(LTC_PKCS_5)
    #error LTC_PBES requires LTC_PKCS_5
 #endif
@@ -685,15 +691,13 @@
 #define LTC_MUTEX_UNLOCK(x)
 #define LTC_MUTEX_DESTROY(x)
 
-#endif
+#endif /* LTC_PTHREAD */
 
 /* Debuggers */
 
 /* define this if you use Valgrind, note: it CHANGES the way SOBER-128 and RC4 work (see the code) */
 /* #define LTC_VALGRIND */
 
-#endif
-
 #ifndef LTC_NO_FILE
    /* buffer size for reading from a file via fread(..) */
    #ifndef LTC_FILE_READ_BUFSIZE
@@ -734,3 +738,5 @@
 #define LTC_ECC_SECP521R1
 #undef LTC_ECC521
 #endif
+
+#endif /* TOMCRYPT_CUSTOM_H_ */

tomcrypt_hash.h

@@ -494,7 +494,8 @@ int hash_memory(int hash,
                 const unsigned char *in,  unsigned long inlen,
                       unsigned char *out, unsigned long *outlen);
 int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen,
-                      const unsigned char *in, unsigned long inlen, ...);
+                      const unsigned char *in, unsigned long inlen, ...)
+                      LTC_NULL_TERMINATED;
 
 #ifndef LTC_NO_FILE
 int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outlen);