From 87d51de391daa097a7c6e5eb5f56e747f5528020 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 2 Jun 2025 17:28:17 +0200 Subject: [PATCH 01/19] Improve variable naming Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_private.h | 2 +- src/misc/pem/pem_pkcs.c | 40 +++++++++++++++++----------------- src/misc/pem/pem_read.c | 14 ++++++------ 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 577a00d74..854f8364b 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -387,7 +387,7 @@ int pem_decrypt(unsigned char *data, unsigned long *datalen, int pem_get_char_from_file(struct get_char *g); #endif /* LTC_NO_FILE */ int pem_get_char_from_buf(struct get_char *g); -int pem_read(void *pem, unsigned long *w, struct pem_headers *hdr, struct get_char *g); +int pem_read(void *asn1_cert, unsigned long *asn1_len, struct pem_headers *hdr, struct get_char *g); #endif /* tomcrypt_pk.h */ diff --git a/src/misc/pem/pem_pkcs.c b/src/misc/pem/pem_pkcs.c index f3d5bd8d3..0411d6427 100644 --- a/src/misc/pem/pem_pkcs.c +++ b/src/misc/pem/pem_pkcs.c @@ -12,7 +12,7 @@ extern const struct pem_header_id pem_std_headers[]; extern const unsigned long pem_std_headers_num; -static int s_decrypt_pem(unsigned char *pem, unsigned long *l, const struct pem_headers *hdr) +static int s_decrypt_pem(unsigned char *asn1_cert, unsigned long *asn1_len, const struct pem_headers *hdr) { unsigned char iv[MAXBLOCKSIZE], key[MAXBLOCKSIZE]; unsigned long ivlen, klen; @@ -34,7 +34,7 @@ static int s_decrypt_pem(unsigned char *pem, unsigned long *l, const struct pem_ return err; } - err = pem_decrypt(pem, l, key, klen, iv, ivlen, NULL, 0, &hdr->info, LTC_PAD_PKCS7); + err = pem_decrypt(asn1_cert, asn1_len, key, klen, iv, ivlen, NULL, 0, &hdr->info, LTC_PAD_PKCS7); zeromem(key, sizeof(key)); zeromem(iv, sizeof(iv)); 
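Review bot: The new parameter names on the `pem_read()` prototype in `tomcrypt_private.h` describe the buffer only as it is on successful return, and the header has no comment saying so. Going by the `pem_read()` body later in this patch, `*asn1_len` is the buffer capacity on entry (`end = wpem + *asn1_len`), the required size when `CRYPT_BUFFER_OVERFLOW` is returned, and the decoded length only on `CRYPT_OK`; the buffer itself holds base64 text until `base64_strict_decode()` runs in place. The same buffer is also passed to `s_import_pkcs8()` and the `s_import_openssl_fns` table, so it is not always a certificate, and a neutral name such as `asn1_buf` would fit those callers better. I would add a comment above the prototype, e.g. `/* asn1_len: in = capacity of the buffer, out = decoded DER length, or required size on CRYPT_BUFFER_OVERFLOW */`.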
@@ -82,12 +82,12 @@ static const import_fn s_import_x509_fns[LTC_PKA_NUM] = { #endif }; -static int s_import_x509(unsigned char *pem, unsigned long l, ltc_pka_key *k) +static int s_import_x509(unsigned char *asn1_cert, unsigned long asn1_len, ltc_pka_key *k) { enum ltc_pka_id pka = LTC_PKA_UNDEF; ltc_asn1_list *d, *spki; int err; - if ((err = x509_decode_spki(pem, l, &d, &spki)) != CRYPT_OK) { + if ((err = x509_decode_spki(asn1_cert, asn1_len, &d, &spki)) != CRYPT_OK) { return err; } err = s_get_pka(spki, &pka); @@ -100,19 +100,19 @@ static int s_import_x509(unsigned char *pem, unsigned long l, ltc_pka_key *k) || s_import_x509_fns[pka] == NULL) { return CRYPT_PK_INVALID_TYPE; } - if ((err = s_import_x509_fns[pka](pem, l, &k->u)) == CRYPT_OK) { + if ((err = s_import_x509_fns[pka](asn1_cert, asn1_len, &k->u)) == CRYPT_OK) { k->id = pka; } return err; } -static int s_import_pkcs8(unsigned char *pem, unsigned long l, ltc_pka_key *k, const password_ctx *pw_ctx) +static int s_import_pkcs8(unsigned char *asn1_cert, unsigned long asn1_len, ltc_pka_key *k, const password_ctx *pw_ctx) { int err; enum ltc_oid_id pka; ltc_asn1_list *alg_id, *priv_key; ltc_asn1_list *p8_asn1 = NULL; - if ((err = pkcs8_decode_flexi(pem, l, pw_ctx, &p8_asn1)) != CRYPT_OK) { + if ((err = pkcs8_decode_flexi(asn1_cert, asn1_len, pw_ctx, &p8_asn1)) != CRYPT_OK) { goto cleanup; } if ((err = pkcs8_get_children(p8_asn1, &pka, &alg_id, &priv_key)) != CRYPT_OK) { @@ -164,11 +164,11 @@ static int s_import_pkcs8(unsigned char *pem, unsigned long l, ltc_pka_key *k, c return err; } -static int s_extract_pka(unsigned char *pem, unsigned long w, enum ltc_pka_id *pka) +static int s_extract_pka(unsigned char *asn1_cert, unsigned long asn1_len, enum ltc_pka_id *pka) { ltc_asn1_list *pub; int err = CRYPT_ERROR; - if ((err = der_decode_sequence_flexi(pem, &w, &pub)) != CRYPT_OK) { + if ((err = der_decode_sequence_flexi(asn1_cert, &asn1_len, &pub)) != CRYPT_OK) { return err; } err = s_get_pka(pub, pka); 
@@ -194,8 +194,8 @@ static const import_fn s_import_openssl_fns[LTC_PKA_NUM] = { static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_ctx) { - unsigned char *pem = NULL; - unsigned long w, l, n; + unsigned char *asn1_cert = NULL; + unsigned long w, asn1_len, n; int err = CRYPT_ERROR; struct pem_headers hdr = { 0 }; struct password pw = { 0 }; @@ -203,10 +203,10 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c XMEMSET(k, 0, sizeof(*k)); w = LTC_PEM_READ_BUFSIZE * 2; retry: - pem = XREALLOC(pem, w); + asn1_cert = XREALLOC(asn1_cert, w); for (n = 0; n < pem_std_headers_num; ++n) { hdr.id = &pem_std_headers[n]; - err = pem_read(pem, &w, &hdr, g); + err = pem_read(asn1_cert, &w, &hdr, g); if (err == CRYPT_BUFFER_OVERFLOW) { goto retry; } else if (err == CRYPT_OK) { @@ -219,15 +219,15 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c /* id not found */ if (hdr.id == NULL) goto cleanup; - l = w; + asn1_len = w; if (hdr.id->flags & pf_pkcs8) { - err = s_import_pkcs8(pem, l, k, pw_ctx); + err = s_import_pkcs8(asn1_cert, asn1_len, k, pw_ctx); goto cleanup; } else if (hdr.id->flags == pf_x509) { - err = s_import_x509(pem, l, k); + err = s_import_x509(asn1_cert, asn1_len, k); goto cleanup; } else if ((hdr.id->flags & pf_public) && hdr.id->pka == LTC_PKA_UNDEF) { - if ((err = s_extract_pka(pem, w, &pka)) != CRYPT_OK) { + if ((err = s_extract_pka(asn1_cert, asn1_len, &pka)) != CRYPT_OK) { goto cleanup; } } else if (hdr.encrypted) { @@ -242,7 +242,7 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c goto cleanup; } - if ((err = s_decrypt_pem(pem, &l, &hdr)) != CRYPT_OK) { + if ((err = s_decrypt_pem(asn1_cert, &asn1_len, &hdr)) != CRYPT_OK) { goto cleanup; } pka = hdr.id->pka; 
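Review bot: The result of `XREALLOC()` at the `retry:` label in `s_decode()` is used without a NULL check, and the assignment overwrites the only pointer to the previous allocation. If the allocation fails, `pem_read()` is handed a NULL buffer and forms `wpem + *asn1_len` from it, and the old block can no longer be released at `cleanup:`; because `w` appears to be set from the size of the input on the `CRYPT_BUFFER_OVERFLOW` retry, an oversized PEM body is the likely way to reach this. The rewrite below keeps the old pointer until the new one is known to be valid and needs `unsigned char *tmp;` next to the `asn1_cert` declaration in the previous hunk. `s_decode()` begins and ends outside this hunk.

```c
retry:
   tmp = XREALLOC(asn1_cert, w);
   if (tmp == NULL) {
      /* asn1_cert still points at the old block, so cleanup frees it */
      err = CRYPT_MEM;
      goto cleanup;
   }
   asn1_cert = tmp;
   /* … unchanged: loop over pem_std_headers calling pem_read() … */
```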
@@ -256,13 +256,13 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c err = CRYPT_PK_INVALID_TYPE; goto cleanup; } - if ((err = s_import_openssl_fns[pka](pem, l, &k->u)) == CRYPT_OK) { + if ((err = s_import_openssl_fns[pka](asn1_cert, asn1_len, &k->u)) == CRYPT_OK) { k->id = pka; } cleanup: password_free(hdr.pw, pw_ctx); - XFREE(pem); + XFREE(asn1_cert); return err; } diff --git a/src/misc/pem/pem_read.c b/src/misc/pem/pem_read.c index 3625b1a29..bef454433 100644 --- a/src/misc/pem/pem_read.c +++ b/src/misc/pem/pem_read.c @@ -176,11 +176,11 @@ static int s_pem_decode_headers(struct pem_headers *hdr, struct get_char *g) return CRYPT_OK; } -int pem_read(void *pem, unsigned long *w, struct pem_headers *hdr, struct get_char *g) +int pem_read(void *asn1_cert, unsigned long *asn1_len, struct pem_headers *hdr, struct get_char *g) { char buf[LTC_PEM_DECODE_BUFSZ]; - char *wpem = pem; - char *end = wpem + *w; + char *wpem = asn1_cert; + char *end = wpem + *asn1_len; unsigned long slen, linelen; int err, hdr_ok = 0; int would_overflow = 0; @@ -226,16 +226,16 @@ int pem_read(void *pem, unsigned long *w, struct pem_headers *hdr, struct get_ch /* NUL termination */ wpem++; /* prevent a wrap-around */ - if (wpem < (char*)pem) + if (wpem < (char*)asn1_cert) return CRYPT_OVERFLOW; - *w = wpem - (char*)pem; + *asn1_len = wpem - (char*)asn1_cert; return CRYPT_BUFFER_OVERFLOW; } - *w = wpem - (char*)pem; + *asn1_len = wpem - (char*)asn1_cert; *wpem++ = '\0'; - if ((err = base64_strict_decode(pem, *w, pem, w)) != CRYPT_OK) { + if ((err = base64_strict_decode(asn1_cert, *asn1_len, asn1_cert, asn1_len)) != CRYPT_OK) { return err; } return CRYPT_OK; From 6fe391956d31ac70e202c6a42177cf2de60d134a Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 2 Jun 2025 17:35:08 +0200 Subject: [PATCH 02/19] Fix/improve some install/uninstall make targets 
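Review bot: The wrap-around guard `if (wpem < (char*)asn1_cert)` in the overflow branch of `pem_read()` compares a pointer that, as far as this hunk shows, has already been advanced past the end of the buffer; forming such a pointer is undefined behaviour in C, so a compiler may drop the check. The loop that advances `wpem` is outside the hunk, so this is inferred from the `would_overflow` flag and the `/* prevent a wrap-around */` comment. Tracking the required size in an `unsigned long` counter and testing that counter for wrap-around would give a check the compiler must keep, e.g. `needed += linelen; if (needed < linelen) return CRYPT_OVERFLOW;`, where `needed` is a new local. The value written to `*asn1_len` on `CRYPT_BUFFER_OVERFLOW` would then come from that counter instead of a pointer difference.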
Signed-off-by: Steffen Jaeckel --- makefile_include.mk | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/makefile_include.mk b/makefile_include.mk index e07a33d7d..a9f74a8de 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -494,7 +494,7 @@ $(DESTDIR)$(BINPATH): install -p -d $(DESTDIR)$(BINPATH) .common_install_bins: $(USEFUL_DEMOS) $(DESTDIR)$(BINPATH) - for d in $(USEFUL_DEMOS); do $(INSTALL_CMD) -p -m 775 $$d $(DESTDIR)$(BINPATH)/ltc-$$d + for d in $(USEFUL_DEMOS); do $(INSTALL_CMD) -p -m 775 $$d $(DESTDIR)$(BINPATH)/ltc-$$d; done $(INSTALL_CMD) -p -m 775 demos/ltc $(DESTDIR)$(BINPATH) install_docs: $(call print-help,install_docs,Installs the Developer Manual) doc/crypt.pdf @@ -502,7 +502,7 @@ install_docs: $(call print-help,install_docs,Installs the Developer Manual) doc/ install -p -m 644 doc/crypt.pdf $(DESTDIR)$(DATAPATH) install_test: $(call print-help,install_test,Installs the self-test binary) test $(DESTDIR)$(BINPATH) - $(INSTALL_CMD) -p -m 775 $< $(DESTDIR)$(BINPATH) + $(INSTALL_CMD) -p -m 775 $< $(DESTDIR)$(BINPATH)/ltc-$< install_hooks: $(call print-help,install_hooks,Installs the git hooks) for s in `ls hooks/`; do ln -s ../../hooks/$$s .git/hooks/$$s; done @@ -510,6 +510,7 @@ install_hooks: $(call print-help,install_hooks,Installs the git hooks) HEADER_FILES=$(notdir $(HEADERS_PUB)) .common_uninstall: $(UNINSTALL_CMD) $(DESTDIR)$(LIBPATH)/$(LIBNAME) + for d in $(USEFUL_DEMOS) test; do rm -f $(DESTDIR)$(BINPATH)/ltc-$$d; done $(UNINSTALL_CMD) $(HEADER_FILES:%=$(DESTDIR)$(INCPATH)/%) #This rule cleans the source tree of all compiled code, not including the pdf From cb12f2e7d0cc32d4660488a7c13ddc646ec99d68 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 16 Jun 2025 14:09:09 +0200 Subject: [PATCH 03/19] Clarify some test descriptions Signed-off-by: Steffen Jaeckel --- tests/dsa_test.c | 14 +++++++------- tests/rsa_test.c | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) 
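Review bot: Both install lines in `.common_install_bins` and the one in `install_test` (next hunk) install executables with `-m 775`, which leaves them group-writable under `$(DESTDIR)$(BINPATH)`. Any account in the owning group could then replace a binary that other users run. Unless there is a packaging reason for that mode, `-m 755` is the usual choice for installed programs, e.g. `for d in $(USEFUL_DEMOS); do $(INSTALL_CMD) -p -m 755 $$d $(DESTDIR)$(BINPATH)/ltc-$$d; done`.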
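Review bot: The new uninstall loop in `.common_uninstall` removes the `ltc-` prefixed binaries but not `demos/ltc`, which `.common_install_bins` copies into `$(DESTDIR)$(BINPATH)` without the prefix, so that file is left behind. The loop also calls `rm -f` directly while the neighbouring lines go through `$(UNINSTALL_CMD)`. I would add `$(UNINSTALL_CMD) $(DESTDIR)$(BINPATH)/ltc` and use the same command inside the loop, provided `$(UNINSTALL_CMD)` tolerates files that are already missing.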
diff --git a/tests/dsa_test.c b/tests/dsa_test.c index f997af648..53fe3da77 100644 --- a/tests/dsa_test.c +++ b/tests/dsa_test.c @@ -152,12 +152,12 @@ static int s_dsa_compat_test(void) x = sizeof(tmp); DO(dsa_export(tmp, &x, PK_PRIVATE | PK_STD, &key)); DO(do_compare_testvector(tmp, x, ltc_dsa_private_test_key, sizeof(ltc_dsa_private_test_key), - "DSA private export failed from dsa_import(priv_key)\n", __LINE__)); + "DSA private export from dsa_import(priv_key)\n", __LINE__); x = sizeof(tmp); DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key)); DO(do_compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa), - "DSA public export failed from dsa_import(priv_key)\n", __LINE__)); + "DSA public export from dsa_import(priv_key)\n", __LINE__); dsa_free(&key); DO(dsa_import(openssl_pub_dsa, sizeof(openssl_pub_dsa), &key)); @@ -165,7 +165,7 @@ static int s_dsa_compat_test(void) x = sizeof(tmp); DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key)); DO(do_compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa), - "DSA public export failed from dsa_import(pub_key)\n", __LINE__)); + "DSA public export from dsa_import(pub_key)\n", __LINE__); dsa_free(&key); /* try import private key from raw hexadecimal numbers */ @@ -188,7 +188,7 @@ static int s_dsa_compat_test(void) len = sizeof(buf); DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key)); DO(do_compare_testvector(buf, len, ltc_dsa_private_test_key, sizeof(ltc_dsa_private_test_key), - "DSA private export failed from dsa_set_pqg() & dsa_set_key()\n", __LINE__)); + "DSA private export from dsa_set_pqg() & dsa_set_key()\n", __LINE__)); dsa_free(&key); /* try import public key from raw hexadecimal numbers */ 
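Review bot: The reworded calls in the first two hunks of `tests/dsa_test.c` (three call sites) now end in `__LINE__);` while still opening with `DO(do_compare_testvector(`, so the parentheses no longer balance and this commit does not compile on its own. The next patch in the series replaces the opener with `COMPARE_TESTVECTOR(`, which hides the problem at the tip but breaks `git bisect` at this commit. Either keep the closing `));` here, e.g. `"DSA private export from dsa_import(priv_key)\n", __LINE__));`, or move these three lines into the `COMPARE_TESTVECTOR()` patch, as the `rsa_test.c` hunk of this commit effectively does.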
@@ -202,7 +202,7 @@ static int s_dsa_compat_test(void) len = sizeof(buf); DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key)); DO(do_compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa), - "DSA public export failed from dsa_set_pqg() & dsa_set_key()\n", __LINE__)); + "DSA public export from dsa_set_pqg() & dsa_set_key()\n", __LINE__)); dsa_free(&key); /* try import dsaparam */ @@ -224,7 +224,7 @@ static int s_dsa_compat_test(void) len = sizeof(buf); DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key)); DO(do_compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa), - "DSA public export failed from dsa_set_pqg_dsaparam()\n", __LINE__)); + "DSA public export from dsa_set_pqg_dsaparam()\n", __LINE__)); dsa_free(&key); /* try import dsaparam - our private key */ @@ -235,7 +235,7 @@ static int s_dsa_compat_test(void) len = sizeof(buf); DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key)); DO(do_compare_testvector(buf, len, ltc_dsa_private_test_key, sizeof(ltc_dsa_private_test_key), - "DSA private export failed from dsa_set_pqg_dsaparam()\n", __LINE__)); + "DSA private export from dsa_set_pqg_dsaparam()\n", __LINE__)); dsa_free(&key); return CRYPT_OK; diff --git a/tests/rsa_test.c b/tests/rsa_test.c index b0fe5a459..53df0a136 100644 --- a/tests/rsa_test.c +++ b/tests/rsa_test.c @@ -767,7 +767,7 @@ print_hex("q", tmp, len); DO(rsa_import_x509(tmp, len3, &key)); len = sizeof(tmp); DO(rsa_export(tmp, &len, PK_PUBLIC, &key)); - DO(do_compare_testvector(tmp, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export failed to match rsa_import_x509", 0)); + COMPARE_TESTVECTOR(tmp, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export to match rsa_import_x509", 0); rsa_free(&key); len3 = sizeof(tmp); From 6155a33e5fa9458b27a363558f0c912d58aad436 Mon Sep 17 00:00:00 2001 
From: Steffen Jaeckel Date: Mon, 16 Jun 2025 14:09:33 +0200 Subject: [PATCH 04/19] Use `COMPARE_TESTVECTOR()` consistently Signed-off-by: Steffen Jaeckel --- tests/base16_test.c | 6 +++--- tests/base32_test.c | 6 +++--- tests/base64_test.c | 26 +++++++++++++------------- tests/bcrypt_test.c | 2 +- tests/der_test.c | 4 ++-- tests/dh_test.c | 22 +++++++++++----------- tests/dsa_test.c | 6 +++--- tests/ecc_test.c | 2 +- tests/ed25519_test.c | 12 ++++++------ tests/file_test.c | 20 ++++++++++---------- tests/mpi_test.c | 8 ++++---- tests/rsa_test.c | 22 +++++++++++----------- tests/x25519_test.c | 6 +++--- 13 files changed, 71 insertions(+), 71 deletions(-) diff --git a/tests/base16_test.c b/tests/base16_test.c index 0e526710b..16ea312e8 100644 --- a/tests/base16_test.c +++ b/tests/base16_test.c @@ -25,17 +25,17 @@ int base16_test(void) DO(base16_encode(in, x, out, &l1, idx)); l2 = sizeof(tmp); DO(base16_decode(out, l1, tmp, &l2)); - DO(do_compare_testvector(tmp, l2, in, x, "random base16", idx * 100 + x)); + COMPARE_TESTVECTOR(tmp, l2, in, x, "random base16", idx * 100 + x); } } for (idx = 0; idx < 2; idx++) { l1 = sizeof(out); DO(base16_encode(testin, sizeof(testin), out, &l1, idx)); - DO(do_compare_testvector(out, XSTRLEN(out), testout[idx], XSTRLEN(testout[idx]), "testout base16", idx)); + COMPARE_TESTVECTOR(out, XSTRLEN(out), testout[idx], XSTRLEN(testout[idx]), "testout base16", idx); l2 = sizeof(tmp); DO(base16_decode(out, l1, tmp, &l2)); - DO(do_compare_testvector(tmp, l2, testin, sizeof(testin), "testin base16", idx)); + COMPARE_TESTVECTOR(tmp, l2, testin, sizeof(testin), "testin base16", idx); } l1 = 4; diff --git a/tests/base32_test.c b/tests/base32_test.c index 365f608e5..3e5d73b1b 100644 --- a/tests/base32_test.c +++ b/tests/base32_test.c 
@@ -32,17 +32,17 @@ int base32_test(void) DO(base32_encode(in, x, out, &l1, testid[idx])); l2 = sizeof(tmp); DO(base32_decode(out, l1, tmp, &l2, testid[idx])); - DO(do_compare_testvector(tmp, l2, in, x, "random base32", idx * 100 + x)); + COMPARE_TESTVECTOR(tmp, l2, in, x, "random base32", idx * 100 + x); } } for (idx = 0; idx < 4; idx++) { l1 = sizeof(out); DO(base32_encode(testin, sizeof(testin), out, &l1, testid[idx])); - DO(do_compare_testvector(out, l1, testout[idx], XSTRLEN(testout[idx]), "testout base32", idx)); + COMPARE_TESTVECTOR(out, l1, testout[idx], XSTRLEN(testout[idx]), "testout base32", idx); l2 = sizeof(tmp); DO(base32_decode(out, l1, tmp, &l2, testid[idx])); - DO(do_compare_testvector(tmp, l2, testin, sizeof(testin), "testin base32", idx)); + COMPARE_TESTVECTOR(tmp, l2, testin, sizeof(testin), "testin base32", idx); } return CRYPT_OK; diff --git a/tests/base64_test.c b/tests/base64_test.c index 2be927a33..2a5e5e7a8 100644 --- a/tests/base64_test.c +++ b/tests/base64_test.c 
@@ -76,24 +76,24 @@ int base64_test(void) l1 = sizeof(tmp); if(url_cases[x].flag == strict) { DO(base64url_strict_decode(url_cases[x].s, slen1, tmp, &l1)); - DO(do_compare_testvector(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_strict_decode", x)); + COMPARE_TESTVECTOR(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_strict_decode", x); DO(base64url_sane_decode(url_cases[x].s, slen1, tmp, &l1)); - DO(do_compare_testvector(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_sane_decode/strict", x)); + COMPARE_TESTVECTOR(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_sane_decode/strict", x); DO(base64url_decode(url_cases[x].s, slen1, tmp, &l1)); - DO(do_compare_testvector(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_decode/strict", x)); + COMPARE_TESTVECTOR(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_decode/strict", x); } else if(url_cases[x].flag == relaxed) { DO(base64url_strict_decode(url_cases[x].s, slen1, tmp, &l1) == CRYPT_INVALID_PACKET ? CRYPT_OK : CRYPT_FAIL_TESTVECTOR); DO(base64url_sane_decode(url_cases[x].s, slen1, tmp, &l1)); - DO(do_compare_testvector(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_sane_decode/relaxed", x)); + COMPARE_TESTVECTOR(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_sane_decode/relaxed", x); DO(base64url_decode(url_cases[x].s, slen1, tmp, &l1)); - DO(do_compare_testvector(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_decode/relaxed", x)); + COMPARE_TESTVECTOR(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_decode/relaxed", x); } else if(url_cases[x].flag == insane) { DO(base64url_strict_decode(url_cases[x].s, slen1, tmp, &l1) == CRYPT_INVALID_PACKET ? CRYPT_OK : CRYPT_FAIL_TESTVECTOR); DO(base64url_sane_decode(url_cases[x].s, slen1, tmp, &l1) == CRYPT_INVALID_PACKET ? 
CRYPT_OK : CRYPT_FAIL_TESTVECTOR); DO(base64url_decode(url_cases[x].s, slen1, tmp, &l1)); - DO(do_compare_testvector(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_decode/insane", x)); + COMPARE_TESTVECTOR(tmp, l1, special_case, sizeof(special_case) - 1, "base64url_decode/insane", x); } else { /* invalid */ DO(base64url_strict_decode(url_cases[x].s, slen1, tmp, &l1) == CRYPT_INVALID_PACKET ? CRYPT_OK : CRYPT_FAIL_TESTVECTOR); @@ -103,11 +103,11 @@ int base64_test(void) l2 = sizeof(out); if(x == 0) { DO(base64url_encode(tmp, l1, out, &l2)); - DO(do_compare_testvector(out, l2, url_cases[x].s, XSTRLEN(url_cases[x].s), "base64url_encode", x)); + COMPARE_TESTVECTOR(out, l2, url_cases[x].s, XSTRLEN(url_cases[x].s), "base64url_encode", x); } if(x == 1) { DO(base64url_strict_encode(tmp, l1, out, &l2)); - DO(do_compare_testvector(out, l2, url_cases[x].s, XSTRLEN(url_cases[x].s), "base64url_strict_encode", x)); + COMPARE_TESTVECTOR(out, l2, url_cases[x].s, XSTRLEN(url_cases[x].s), "base64url_strict_encode", x); } } #endif 
@@ -119,14 +119,14 @@ int base64_test(void) slen1 = XSTRLEN(cases[x].s); l1 = sizeof(out); DO(base64_encode((unsigned char*)cases[x].s, slen1, out, &l1)); - DO(do_compare_testvector(out, l1, cases[x].b64, XSTRLEN(cases[x].b64), "base64_encode", x)); + COMPARE_TESTVECTOR(out, l1, cases[x].b64, XSTRLEN(cases[x].b64), "base64_encode", x); l2 = sizeof(tmp); DO(base64_strict_decode(out, l1, tmp, &l2)); - DO(do_compare_testvector(tmp, l2, cases[x].s, slen1, "base64_strict_decode", x)); + COMPARE_TESTVECTOR(tmp, l2, cases[x].s, slen1, "base64_strict_decode", x); DO(base64_sane_decode(out, l1, tmp, &l2)); - DO(do_compare_testvector(tmp, l2, cases[x].s, slen1, "base64_sane_decode", x)); + COMPARE_TESTVECTOR(tmp, l2, cases[x].s, slen1, "base64_sane_decode", x); DO(base64_decode(out, l1, tmp, &l2)); - DO(do_compare_testvector(tmp, l2, cases[x].s, slen1, "base64_decode", x)); + COMPARE_TESTVECTOR(tmp, l2, cases[x].s, slen1, "base64_decode", x); } for (x = 0; x < 64; x++) { @@ -135,7 +135,7 @@ int base64_test(void) DO(base64_encode(in, x, out, &l1)); l2 = sizeof(tmp); DO(base64_decode(out, l1, tmp, &l2)); - DO(do_compare_testvector(tmp, x, in, x, "random base64", x)); + COMPARE_TESTVECTOR(tmp, x, in, x, "random base64", x); } x--; diff --git a/tests/bcrypt_test.c b/tests/bcrypt_test.c index 0895d4231..41822a00f 100644 --- a/tests/bcrypt_test.c +++ b/tests/bcrypt_test.c @@ -125,7 +125,7 @@ int bcrypt_test(void) l = t->keylen; XMEMSET(key, 0, sizeof(key)); DO(bcrypt_pbkdf_openbsd(t->password, t->passlen, (unsigned char*)t->salt, t->saltlen, t->rounds, idx, key, &l)); - DO(do_compare_testvector(key, l, t->key, t->keylen, "OpenBSD testvectors", i)); + COMPARE_TESTVECTOR(key, l, t->key, t->keylen, "OpenBSD testvectors", i); #if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1 printf("BCRYPT test #%d OK\n", i); diff --git a/tests/der_test.c b/tests/der_test.c index 686f8f41d..4823741a7 100644 --- a/tests/der_test.c +++ b/tests/der_test.c 
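Review bot: The random round-trip check `COMPARE_TESTVECTOR(tmp, x, in, x, "random base64", x);` passes `x` as the length of both buffers, so the length `l2` returned by `base64_decode()` is never checked. A decoder that reported a wrong output length would still pass as long as the first `x` bytes match. Passing the decoded length instead, `COMPARE_TESTVECTOR(tmp, l2, in, x, "random base64", x);`, would match how the base16 and base32 round-trip tests in this series are written.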
@@ -733,7 +733,7 @@ static void s_der_oid_test(void) DO(der_encode_object_identifier(decoded_list->data, decoded_list->size, buf, &len)); der_sequence_free(decoded_list); - DO(do_compare_testvector(buf, len, oid_x690_8_19_5_example, sizeof(oid_x690_8_19_5_example), "OID X6.90 Ch. 8.19.5 Example", 0)); + COMPARE_TESTVECTOR(buf, len, oid_x690_8_19_5_example, sizeof(oid_x690_8_19_5_example), "OID X6.90 Ch. 8.19.5 Example", 0); oid[0] = 3; oid[1] = 4; @@ -1295,7 +1295,7 @@ static void der_Xcode_run(const der_Xcode_t* x) d2 = XREALLOC(d2, l2 * x->type_sz); } DO(x->decode(d1, l1, d2, &l2)); - DO(do_compare_testvector(d2, (l2/x->factor) * x->type_sz, x->in, x->in_sz, x->what, __LINE__)); + COMPARE_TESTVECTOR(d2, (l2/x->factor) * x->type_sz, x->in, x->in_sz, x->what, __LINE__); XFREE(d2); XFREE(d1); } diff --git a/tests/dh_test.c b/tests/dh_test.c index 1900eb030..9bde5f9d2 100644 --- a/tests/dh_test.c +++ b/tests/dh_test.c @@ -125,7 +125,7 @@ static int s_dhparam_test(void) return CRYPT_ERROR; } DO(ltc_mp_to_unsigned_bin(k.prime, buf)); - DO(do_compare_testvector(buf, sizeof(prime), prime, sizeof(prime), "dhparam_test: prime mismatch", 1)); + COMPARE_TESTVECTOR(buf, sizeof(prime), prime, sizeof(prime), "dhparam_test: prime mismatch", 1); if (ltc_mp_cmp_d(k.base, 2) != LTC_MP_EQ) { printf("dhparam_test: base mismatch\n"); dh_free(&k); 
@@ -259,16 +259,16 @@ static int s_set_test(void) len = sizeof(buf); DO(dh_export(buf, &len, PK_PRIVATE, &k1)); - DO(do_compare_testvector(buf, len, export_private, sizeof(export_private), "radix_test: dh_export+PK_PRIVATE mismatch", i*10 + 0)); + COMPARE_TESTVECTOR(buf, len, export_private, sizeof(export_private), "radix_test: dh_export+PK_PRIVATE mismatch", i*10 + 0); len = sizeof(buf); DO(dh_export(buf, &len, PK_PUBLIC, &k1)); - DO(do_compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 1)); + COMPARE_TESTVECTOR(buf, len, export_public, sizeof(export_public), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 1); len = sizeof(buf); DO(dh_export_key(buf, &len, PK_PRIVATE, &k1)); - DO(do_compare_testvector(buf, len, xbin, sizeof(xbin), "radix_test: dh_export+PK_PRIVATE mismatch", i*10 + 2)); + COMPARE_TESTVECTOR(buf, len, xbin, sizeof(xbin), "radix_test: dh_export+PK_PRIVATE mismatch", i*10 + 2); len = sizeof(buf); DO(dh_export_key(buf, &len, PK_PUBLIC, &k1)); - DO(do_compare_testvector(buf, len, ybin, sizeof(ybin), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 3)); + COMPARE_TESTVECTOR(buf, len, ybin, sizeof(ybin), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 3); dh_free(&k1); DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k1)); 
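Review bot: The descriptions on the two `dh_export_key()` comparisons in `s_set_test()` (indices `i*10 + 2` and `i*10 + 3`) still read `dh_export+PK_PRIVATE` and `dh_export+PK_PUBLIC`, the same text as the `dh_export()` checks just above them, so a failure report names the wrong function. Since these lines are being rewritten anyway, `"radix_test: dh_export_key+PK_PRIVATE mismatch"` and the `PK_PUBLIC` equivalent would make the cases distinguishable without relying on the index. The same applies to index `i*10 + 7` two hunks further down, and the next hunk still carries the truncated `mismatc` in its first description.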
@@ -276,10 +276,10 @@ static int s_set_test(void) len = sizeof(buf); DO(dh_export(buf, &len, PK_PRIVATE, &k1)); - DO(do_compare_testvector(buf, len, export_private, sizeof(export_private), "radix_test: dh_export+PK_PRIVATE mismatc", i*10 + 4)); + COMPARE_TESTVECTOR(buf, len, export_private, sizeof(export_private), "radix_test: dh_export+PK_PRIVATE mismatc", i*10 + 4); len = sizeof(buf); DO(dh_export(buf, &len, PK_PUBLIC, &k1)); - DO(do_compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 5)); + COMPARE_TESTVECTOR(buf, len, export_public, sizeof(export_public), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 5); dh_free(&k1); DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k2)); @@ -287,10 +287,10 @@ static int s_set_test(void) len = sizeof(buf); DO(dh_export(buf, &len, PK_PUBLIC, &k2)); - DO(do_compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 6)); + COMPARE_TESTVECTOR(buf, len, export_public, sizeof(export_public), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 6); len = sizeof(buf); DO(dh_export_key(buf, &len, PK_PUBLIC, &k2)); - DO(do_compare_testvector(buf, len, ybin, sizeof(ybin), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 7)); + COMPARE_TESTVECTOR(buf, len, ybin, sizeof(ybin), "radix_test: dh_export+PK_PUBLIC mismatch", i*10 + 7); dh_free(&k2); DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k3)); 
@@ -298,10 +298,10 @@ static int s_set_test(void) len = ltc_mp_unsigned_bin_size(k3.prime); DO(ltc_mp_to_unsigned_bin(k3.prime, buf)); - DO(do_compare_testvector(buf, len, pbin, sizeof(pbin), "radix_test: dh_make_key_ex prime mismatch", i*10 + 8)); + COMPARE_TESTVECTOR(buf, len, pbin, sizeof(pbin), "radix_test: dh_make_key_ex prime mismatch", i*10 + 8); len = ltc_mp_unsigned_bin_size(k3.base); DO(ltc_mp_to_unsigned_bin(k3.base, buf)); - DO(do_compare_testvector(buf, len, gbin, sizeof(gbin), "radix_test: dh_make_key_ex base mismatch", i*10 + 9)); + COMPARE_TESTVECTOR(buf, len, gbin, sizeof(gbin), "radix_test: dh_make_key_ex base mismatch", i*10 + 9); dh_free(&k3); } diff --git a/tests/dsa_test.c b/tests/dsa_test.c index 53fe3da77..507509286 100644 --- a/tests/dsa_test.c +++ b/tests/dsa_test.c @@ -151,12 +151,12 @@ static int s_dsa_compat_test(void) x = sizeof(tmp); DO(dsa_export(tmp, &x, PK_PRIVATE | PK_STD, &key)); - DO(do_compare_testvector(tmp, x, ltc_dsa_private_test_key, sizeof(ltc_dsa_private_test_key), + COMPARE_TESTVECTOR(tmp, x, ltc_dsa_private_test_key, sizeof(ltc_dsa_private_test_key), "DSA private export from dsa_import(priv_key)\n", __LINE__); x = sizeof(tmp); DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key)); - DO(do_compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa), + COMPARE_TESTVECTOR(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa), "DSA public export from dsa_import(priv_key)\n", __LINE__); dsa_free(&key); @@ -164,7 +164,7 @@ static int s_dsa_compat_test(void) x = sizeof(tmp); DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key)); - DO(do_compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa), + COMPARE_TESTVECTOR(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa), "DSA public export from dsa_import(pub_key)\n", __LINE__); dsa_free(&key); diff --git a/tests/ecc_test.c b/tests/ecc_test.c index 9c852dfc4..e599a5c15 100644 --- a/tests/ecc_test.c +++ b/tests/ecc_test.c 
@@ -420,7 +420,7 @@ static int s_ecc_old_api(void) y = sizeof(buf[1]); DO(ecc_shared_secret (&userb, &usera, buf[1], &y)); - DO(do_compare_testvector(buf[0], x, buf[1], y, "ecc Shared keys", s)); + COMPARE_TESTVECTOR(buf[0], x, buf[1], y, "ecc Shared keys", s); /* now export userb */ y = sizeof(buf[0]); diff --git a/tests/ed25519_test.c b/tests/ed25519_test.c index d2e432165..63594a1c1 100644 --- a/tests/ed25519_test.c +++ b/tests/ed25519_test.c @@ -92,7 +92,7 @@ static int s_rfc_8410_10_test(void) DO(ed25519_export(buf, &buflen, rfc_8410_10[n].type, &key)); tmplen = sizeof(tmp); DO(base64_encode(buf, buflen, tmp, &tmplen)); - DO(do_compare_testvector(tmp, tmplen, rfc_8410_10[n].b64, XSTRLEN(rfc_8410_10[n].b64), "Ed25519 export-import", n)); + COMPARE_TESTVECTOR(tmp, tmplen, rfc_8410_10[n].b64, XSTRLEN(rfc_8410_10[n].b64), "Ed25519 export-import", n); } } return CRYPT_OK; @@ -225,9 +225,9 @@ static int s_rfc_8032_7_1_test(void) DO(ed25519_import_raw(sec, slen, PK_PRIVATE, &key)); buflen = sizeof(buf); DO(ed25519_sign(msg, mlen, buf, &buflen, &key)); - DO(do_compare_testvector(buf, buflen, sig, siglen, "Ed25519 RFC8032 7.1 - sign", n)); + COMPARE_TESTVECTOR(buf, buflen, sig, siglen, "Ed25519 RFC8032 7.1 - sign", n); DO(ed25519_verify(msg, mlen, sig, siglen, &ret, &key)); - DO(do_compare_testvector(&ret, sizeof(ret), &should, sizeof(should), "Ed25519 RFC8032 7.1 - verify w/ privkey", n)); + COMPARE_TESTVECTOR(&ret, sizeof(ret), &should, sizeof(should), "Ed25519 RFC8032 7.1 - verify w/ privkey", n); xor_shuffle(sig, siglen, 0x8u); DO( ed25519_verify(msg, mlen, sig, siglen, &ret, &key)); 
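Review bot: The verify result in `s_rfc_8032_7_1_test()` is checked with `COMPARE_TESTVECTOR(&ret, sizeof(ret), &should, sizeof(should), ...)`, a byte-wise comparison of two scalar flags, whereas the 7.2 and 7.3 tests in the same file use `ENSUREX(ret == should, ...)` for the same purpose. Using one form throughout keeps the signature-verification checks easy to audit, and on a mismatch a hex dump of two flags tells the reader little. I would write `ENSUREX(ret == should, "Ed25519 RFC8032 7.1 - verify w/ privkey");` here and the matching `w/ pubkey` line in the next hunk.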
@@ -244,7 +244,7 @@ static int s_rfc_8032_7_1_test(void) DO(base16_decode(rfc_8032_7_1[n].signature, XSTRLEN(rfc_8032_7_1[n].signature), sig, &siglen)); DO(ed25519_import_raw(pub, plen, PK_PUBLIC, &key2)); DO(ed25519_verify(msg, mlen, sig, siglen, &ret, &key2)); - DO(do_compare_testvector(&ret, sizeof(ret), &should, sizeof(should), "Ed25519 RFC8032 7.1 - verify w/ pubkey", n)); + COMPARE_TESTVECTOR(&ret, sizeof(ret), &should, sizeof(should), "Ed25519 RFC8032 7.1 - verify w/ pubkey", n); zeromem(&key, sizeof(key)); zeromem(&key2, sizeof(key2)); @@ -331,7 +331,7 @@ static int s_rfc_8032_7_2_test(void) DO(ed25519_import_raw(sec, slen, PK_PRIVATE, &key)); DO(ed25519ctx_sign(msg, mlen, buf, &buflen, ctx, ctxlen, &key)); - DO(do_compare_testvector(buf, buflen, sig, siglen, "Ed25519 RFC8032 7.2 - sign", n)); + COMPARE_TESTVECTOR(buf, buflen, sig, siglen, "Ed25519 RFC8032 7.2 - sign", n); DO(ed25519ctx_verify(msg, mlen, buf, buflen, ctx, ctxlen, &ret, &key)); ENSUREX(ret == should, "Ed25519 RFC8032 7.2 - verify w/ privkey"); @@ -389,7 +389,7 @@ static int s_rfc_8032_7_3_test(void) DO(ed25519_import_raw(sec, slen, PK_PRIVATE, &key)); DO(ed25519ph_sign(msg, mlen, buf, &buflen, NULL, 0, &key)); - DO(do_compare_testvector(buf, buflen, sig, siglen, "Ed25519 RFC8032 7.3 - sign", 0)); + COMPARE_TESTVECTOR(buf, buflen, sig, siglen, "Ed25519 RFC8032 7.3 - sign", 0); DO(ed25519ph_verify(msg, mlen, buf, buflen, NULL, 0, &ret, &key)); ENSUREX(ret == should, "Ed25519 RFC8032 7.3 - verify w/ privkey"); diff --git a/tests/file_test.c b/tests/file_test.c index 1a05ed112..c410d8963 100644 --- a/tests/file_test.c +++ b/tests/file_test.c 
@@ -33,11 +33,11 @@ int file_test(void) err = hash_filehandle(isha256, in, buf, &len); fclose(in); DO(err); - DO(do_compare_testvector(buf, len, exp_sha256, 32, "hash_filehandle", 1)); + COMPARE_TESTVECTOR(buf, len, exp_sha256, 32, "hash_filehandle", 1); len = sizeof(buf); DO(hash_file(isha256, fname, buf, &len)); - DO(do_compare_testvector(buf, len, exp_sha256, 32, "hash_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_sha256, 32, "hash_file", 1); #ifdef LTC_HMAC { @@ -45,7 +45,7 @@ int file_test(void) 0x8F, 0x68, 0xCF, 0xBA, 0x2E, 0xAD, 0xC4, 0x63, 0x9D, 0x7F, 0x02, 0x99, 0x8C, 0x08, 0xAC, 0xC0 }; len = sizeof(buf); DO(hmac_file(isha256, fname, key, 32, buf, &len)); - DO(do_compare_testvector(buf, len, exp_hmacsha256, 32, "hmac_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_hmacsha256, 32, "hmac_file", 1); } #endif #ifdef LTC_OMAC @@ -53,7 +53,7 @@ int file_test(void) unsigned char exp_omacaes[16] = { 0x50, 0xB4, 0x6C, 0x62, 0xE9, 0xCA, 0x48, 0xFC, 0x38, 0x8D, 0xF4, 0xA2, 0x7D, 0x6A, 0x1E, 0xD8 }; len = sizeof(buf); DO(omac_file(iaes, key, 32, fname, buf, &len)); - DO(do_compare_testvector(buf, len, exp_omacaes, 16, "omac_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_omacaes, 16, "omac_file", 1); } #endif #ifdef LTC_PMAC @@ -61,7 +61,7 @@ int file_test(void) unsigned char exp_pmacaes[16] = { 0x7D, 0x65, 0xF0, 0x75, 0x4F, 0x8D, 0xE2, 0xB0, 0xE4, 0xFA, 0x54, 0x4E, 0x45, 0x01, 0x36, 0x1B }; len = sizeof(buf); DO(pmac_file(iaes, key, 32, fname, buf, &len)); - DO(do_compare_testvector(buf, len, exp_pmacaes, 16, "pmac_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_pmacaes, 16, "pmac_file", 1); } #endif #ifdef LTC_XCBC 
@@ -69,7 +69,7 @@ int file_test(void) unsigned char exp_xcbcaes[16] = { 0x9C, 0x73, 0xA2, 0xD7, 0x90, 0xA5, 0x86, 0x25, 0x4D, 0x3C, 0x8A, 0x6A, 0x24, 0x6D, 0xD1, 0xAB }; len = sizeof(buf); DO(xcbc_file(iaes, key, 32, fname, buf, &len)); - DO(do_compare_testvector(buf, len, exp_xcbcaes, 16, "xcbc_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_xcbcaes, 16, "xcbc_file", 1); } #endif #ifdef LTC_F9_MODE @@ -77,7 +77,7 @@ int file_test(void) unsigned char exp_f9aes[16] = { 0x6B, 0x6A, 0x18, 0x34, 0x13, 0x8E, 0x01, 0xEF, 0x33, 0x8E, 0x7A, 0x3F, 0x5B, 0x9A, 0xA6, 0x7A }; len = sizeof(buf); DO(f9_file(iaes, key, 32, fname, buf, &len)); - DO(do_compare_testvector(buf, len, exp_f9aes, 16, "f9_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_f9aes, 16, "f9_file", 1); } #endif #ifdef LTC_POLY1305 @@ -85,7 +85,7 @@ int file_test(void) unsigned char exp_poly1305[16] = { 0xD0, 0xC7, 0xFB, 0x13, 0xA8, 0x87, 0x84, 0x23, 0x21, 0xCC, 0xA9, 0x43, 0x81, 0x18, 0x75, 0xBE }; len = sizeof(buf); DO(poly1305_file(fname, key, 32, buf, &len)); - DO(do_compare_testvector(buf, len, exp_poly1305, 16, "poly1305_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_poly1305, 16, "poly1305_file", 1); } #endif #ifdef LTC_BLAKE2SMAC @@ -93,7 +93,7 @@ int file_test(void) unsigned char exp_blake2smac[16] = { 0x4f, 0x94, 0x45, 0x15, 0xcd, 0xd1, 0xca, 0x02, 0x1a, 0x0c, 0x7a, 0xe4, 0x6d, 0x2f, 0xe8, 0xb3 }; len = 16; DO(blake2smac_file(fname, key, 32, buf, &len)); - DO(do_compare_testvector(buf, len, exp_blake2smac, 16, "exp_blake2smac_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_blake2smac, 16, "exp_blake2smac_file", 1); } #endif #ifdef LTC_BLAKE2BMAC 
@@ -101,7 +101,7 @@ int file_test(void) unsigned char exp_blake2bmac[16] = { 0xdf, 0x0e, 0x7a, 0xab, 0x96, 0x6b, 0x75, 0x4e, 0x52, 0x6a, 0x43, 0x96, 0xbd, 0xef, 0xab, 0x44 }; len = 16; DO(blake2bmac_file(fname, key, 32, buf, &len)); - DO(do_compare_testvector(buf, len, exp_blake2bmac, 16, "exp_blake2bmac_file", 1)); + COMPARE_TESTVECTOR(buf, len, exp_blake2bmac, 16, "exp_blake2bmac_file", 1); } #endif diff --git a/tests/mpi_test.c b/tests/mpi_test.c index 5e1fff92d..89f5c049c 100644 --- a/tests/mpi_test.c +++ b/tests/mpi_test.c @@ -123,10 +123,10 @@ static int s_radix_to_bin_test(void) DO(radix_to_bin(test[i].p, test[i].radix, key_parts[2], &key_lens[2])); DO(radix_to_bin(test[i].g, test[i].radix, key_parts[3], &key_lens[3])); - DO(do_compare_testvector(key_parts[0], key_lens[0], test[0].x, test[0].xlen, "radix_to_bin(x)", i)); - DO(do_compare_testvector(key_parts[1], key_lens[1], test[0].y, test[0].ylen, "radix_to_bin(y)", i)); - DO(do_compare_testvector(key_parts[2], key_lens[2], test[0].p, test[0].plen, "radix_to_bin(p)", i)); - DO(do_compare_testvector(key_parts[3], key_lens[3], test[0].g, test[0].glen, "radix_to_bin(g)", i)); + COMPARE_TESTVECTOR(key_parts[0], key_lens[0], test[0].x, test[0].xlen, "radix_to_bin(x)", i); + COMPARE_TESTVECTOR(key_parts[1], key_lens[1], test[0].y, test[0].ylen, "radix_to_bin(y)", i); + COMPARE_TESTVECTOR(key_parts[2], key_lens[2], test[0].p, test[0].plen, "radix_to_bin(p)", i); + COMPARE_TESTVECTOR(key_parts[3], key_lens[3], test[0].g, test[0].glen, "radix_to_bin(g)", i); } return CRYPT_OK; } diff --git a/tests/rsa_test.c b/tests/rsa_test.c index 53df0a136..568e70fce 100644 --- a/tests/rsa_test.c +++ b/tests/rsa_test.c 
@@ -207,32 +207,32 @@ static int rsa_compat_test(void) /* now try to export private/public and compare */ len = sizeof(buf); DO(rsa_export(buf, &len, PK_PRIVATE, &key)); - DO(do_compare_testvector(buf, len, ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), "RSA private export (from OpenSSL)", 0)); + COMPARE_TESTVECTOR(buf, len, ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), "RSA private export (from OpenSSL)", 0); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PUBLIC, &key)); - DO(do_compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL private key)", 0)); + COMPARE_TESTVECTOR(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL private key)", 0); rsa_free(&key); /* try reading the public key */ DO(rsa_import(openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PUBLIC, &key)); - DO(do_compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from stripped OpenSSL)", 0)); + COMPARE_TESTVECTOR(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from stripped OpenSSL)", 0); rsa_free(&key); /* try reading the public key */ DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PUBLIC, &key)); - DO(do_compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL)", 0)); + COMPARE_TESTVECTOR(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL)", 0); rsa_free(&key); /* try import private key in pkcs8 format */ DO(rsa_import_pkcs8(pkcs8_private_rsa, sizeof(pkcs8_private_rsa), NULL, &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PRIVATE, &key)); - 
DO(do_compare_testvector(buf, len, ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), "RSA private export (from PKCS#8)", 0)); + COMPARE_TESTVECTOR(buf, len, ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), "RSA private export (from PKCS#8)", 0); rsa_free(&key); /* convert raw hexadecimal numbers to binary */ @@ -246,21 +246,21 @@ static int rsa_compat_test(void) DO(rsa_set_crt_params(key_parts[pk_dP], key_lens[pk_dP], key_parts[pk_dQ], key_lens[pk_dQ], key_parts[pk_qP], key_lens[pk_qP], &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PRIVATE, &key)); - DO(do_compare_testvector(buf, len, ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), "RSA private export (from hex)", 0)); + COMPARE_TESTVECTOR(buf, len, ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), "RSA private export (from hex)", 0); rsa_free(&key); /* try import public key from converted raw hexadecimal numbers */ DO(rsa_set_key(key_parts[pk_N], key_lens[pk_N], key_parts[pk_e], key_lens[pk_e], NULL, 0, &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PUBLIC, &key)); - DO(do_compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from hex)", 0)); + COMPARE_TESTVECTOR(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from hex)", 0); rsa_free(&key); /* try export in SubjectPublicKeyInfo format of the public key */ DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PUBLIC | PK_STD, &key)); - DO(do_compare_testvector(buf, len, openssl_public_rsa, sizeof(openssl_public_rsa), "RSA public export (X.509)", 0)); + COMPARE_TESTVECTOR(buf, len, openssl_public_rsa, sizeof(openssl_public_rsa), "RSA public export (X.509)", 0); rsa_free(&key); return 0; 
@@ -546,7 +546,7 @@ print_hex("q", tmp, len); len2 = rsa_msgsize; DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, mgf_hash, label_hash, LTC_PKCS_1_OAEP, &stat, &key)); ENSUREX(stat == 1 && stat2 == 0, "rsa_decrypt_key (without lparam)"); - DO(do_compare_testvector(tmp, len2, in, rsa_msgsize, "rsa_decrypt_key (without lparam)", cnt << 8 | rsa_msgsize)); + COMPARE_TESTVECTOR(tmp, len2, in, rsa_msgsize, "rsa_decrypt_key (without lparam)", cnt << 8 | rsa_msgsize); } /* encrypt the key (with lparam) */ @@ -565,7 +565,7 @@ print_hex("q", tmp, len); len2 = rsa_msgsize; DO(rsa_decrypt_key_ex(out, len, tmp, &len2, lparam, sizeof(lparam), mgf_hash, label_hash, LTC_PKCS_1_OAEP, &stat, &key)); ENSURE(stat == 1 && stat2 == 0); - DO(do_compare_testvector(tmp, len2, in, rsa_msgsize, "rsa_decrypt_key (with lparam)", rsa_msgsize)); + COMPARE_TESTVECTOR(tmp, len2, in, rsa_msgsize, "rsa_decrypt_key (with lparam)", rsa_msgsize); } } @@ -582,7 +582,7 @@ print_hex("q", tmp, len); len2 = rsa_msgsize; DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, 0, -1, LTC_PKCS_1_V1_5, &stat, &key)); ENSURE(stat == 1); - DO(do_compare_testvector(tmp, len2, in, rsa_msgsize, "rsa_decrypt_key_ex", rsa_msgsize)); + COMPARE_TESTVECTOR(tmp, len2, in, rsa_msgsize, "rsa_decrypt_key_ex", rsa_msgsize); } /* sign a message (unsalted, lower cholestorol and Atkins approved) now */ diff --git a/tests/x25519_test.c b/tests/x25519_test.c index 1ea2b4fdb..f8b3a7c74 100644 --- a/tests/x25519_test.c +++ b/tests/x25519_test.c @@ -197,7 +197,7 @@ static int s_x25519_compat_test(void) DO(x25519_export(buf, &buflen, PK_PRIVATE | PK_STD, &priv)); DO(x25519_import_pkcs8(buf, buflen, NULL, &imported)); - DO(do_compare_testvector(&priv, sizeof(priv), &imported, sizeof(imported), "priv after ex-&import", __LINE__)); + COMPARE_TESTVECTOR(&priv, sizeof(priv), &imported, sizeof(imported), "priv after ex-&import", __LINE__); XMEMSET(&imported, 0, sizeof(imported)); buflen = sizeof(buf); 
@@ -208,14 +208,14 @@ static int s_x25519_compat_test(void) DO(x25519_export(buf, &buflen, PK_PUBLIC | PK_STD, &priv)); DO(x25519_import(buf, buflen, &imported)); - DO(do_compare_testvector(&pub, sizeof(pub), &imported, sizeof(imported), "pub after private ex-&import", __LINE__)); + COMPARE_TESTVECTOR(&pub, sizeof(pub), &imported, sizeof(imported), "pub after private ex-&import", __LINE__); XMEMSET(&imported, 0, sizeof(imported)); buflen = sizeof(buf); DO(x25519_export(buf, &buflen, PK_PUBLIC | PK_STD, &pub)); DO(x25519_import(buf, buflen, &imported)); - DO(do_compare_testvector(&pub, sizeof(pub), &imported, sizeof(imported), "pub after public ex-&import", __LINE__)); + COMPARE_TESTVECTOR(&pub, sizeof(pub), &imported, sizeof(imported), "pub after public ex-&import", __LINE__); return CRYPT_OK; } From 72b353f3dd3c2dd437c97515a30af59007163205 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 16 Jun 2025 14:12:40 +0200 Subject: [PATCH 05/19] Workflow trigger filtering changed Signed-off-by: Steffen Jaeckel --- .github/workflows/main.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 2ca683d5a..174c92c96 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -5,12 +5,16 @@ on: branches: - master - develop - - /^release\/.*$/ + - 'release/**' + - 'support/**' + - 'ci/**' pull_request: branches: - master - develop - - /^release\/.*$/ + - 'release/**' + - 'support/**' + - 'ci/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} From 19a5520936fad64296f50537324148b67adf5fc6 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 16 Jun 2025 14:14:14 +0200 Subject: [PATCH 06/19] Allow `base16_encode()` to re-use the input buffer as output Signed-off-by: Steffen Jaeckel --- src/misc/base16/base16_encode.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) 
diff --git a/src/misc/base16/base16_encode.c b/src/misc/base16/base16_encode.c index 649a4d867..206827ca7 100644 --- a/src/misc/base16/base16_encode.c +++ b/src/misc/base16/base16_encode.c @@ -52,10 +52,11 @@ int base16_encode(const unsigned char *in, unsigned long inlen, alphabet = alphabets[1]; } - for (i = 0; i < x; i += 2) { - out[i] = alphabet[(in[i/2] >> 4) & 0x0f]; - out[i+1] = alphabet[in[i/2] & 0x0f]; + for (i = x; i > 0; i -= 2) { + out[i-2] = alphabet[(in[(i-1)/2] >> 4) & 0x0f]; + out[i-1] = alphabet[in[(i-1)/2] & 0x0f]; } + out[x] = '\0'; return CRYPT_OK; From 8d44e48d4612d835fedf16bbf48ec4d6484c4831 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 16 Jun 2025 14:15:22 +0200 Subject: [PATCH 07/19] Be less strict in `register_all_hashes()` Allow using all hashes in case we didn't register our ciphers. Nobody should really use CHC, so we shouldn't make it mandatory. Signed-off-by: Steffen Jaeckel --- src/misc/crypt/crypt_register_all_hashes.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/misc/crypt/crypt_register_all_hashes.c b/src/misc/crypt/crypt_register_all_hashes.c index 328e84a6c..362205f9d 100644 --- a/src/misc/crypt/crypt_register_all_hashes.c +++ b/src/misc/crypt/crypt_register_all_hashes.c @@ -89,8 +89,13 @@ int register_all_hashes(void) REGISTER_HASH(&blake2b_512_desc); #endif #ifdef LTC_CHC_HASH - REGISTER_HASH(&chc_desc); - LTC_ARGCHK(chc_register(find_cipher_any("aes", 8, 16)) == CRYPT_OK); + { + int aes_index = find_cipher_any("aes", 8, 16); + if (aes_index != -1) { + REGISTER_HASH(&chc_desc); + LTC_ARGCHK(chc_register(aes_index) == CRYPT_OK); + } + } #endif return CRYPT_OK; } From fe32e7ea9d6c2441b6980422b9dcb280a9a9d984 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 5 Sep 2025 10:49:28 +0200 Subject: [PATCH 08/19] Add `LTC_ARRAY_SIZE()` macro 
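Review bot: The backward loop in base16_encode still corrupts the first byte when the buffers overlap. At `i == 2` the store to `out[i-2]` overwrites `in[0]` if `out == in`, and the next line reads `in[(i-1)/2]` again for the low nibble. Load the byte once before either store: `const unsigned char c = in[(i-1)/2];`, then `out[i-2] = alphabet[(c >> 4) & 0x0f];` and `out[i-1] = alphabet[c & 0x0f];`. A test that encodes with `in == out` and compares against the separate-buffer result would pin this. The function's header and length check are outside the hunk, so its doc comment should also state the buffer size needed for in-place use (presumably `x` is twice `inlen`, plus the terminator written by `out[x] = '\0'`).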
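Review bot: The name `aes_index` in register_all_hashes overstates what is looked up. `find_cipher_any("aes", 8, 16)` appears to fall back to any registered cipher that meets the block and key size, so CHC may end up bound to a cipher other than AES. Rename it to something like `cipher_index` and add a comment such as `/* CHC needs a registered block cipher; it is skipped when none is available */`. With this change the function returns CRYPT_OK without registering `chc_desc` when no cipher is found, so a caller only learns that from a later failed hash lookup; that behaviour belongs in the function's documentation, which is outside the hunk.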
Signed-off-by: Steffen Jaeckel --- demos/hashsum.c | 8 +++-- demos/pem-info.c | 4 +-- demos/timing.c | 6 ++-- demos/tv_gen.c | 2 +- src/ciphers/aes/aes.c | 2 +- src/ciphers/aes/aes_desc.c | 2 +- src/ciphers/aes/aesni.c | 2 +- src/ciphers/anubis.c | 2 +- src/ciphers/camellia.c | 2 +- src/ciphers/des.c | 4 +-- src/ciphers/idea.c | 2 +- src/ciphers/kasumi.c | 2 +- src/ciphers/khazad.c | 2 +- src/ciphers/kseed.c | 2 +- src/ciphers/multi2.c | 2 +- src/ciphers/noekeon.c | 2 +- src/ciphers/serpent.c | 2 +- src/ciphers/tea.c | 2 +- src/ciphers/twofish/twofish.c | 2 +- src/ciphers/xtea.c | 2 +- src/encauth/ccm/ccm_test.c | 2 +- src/encauth/eax/eax_test.c | 2 +- src/encauth/gcm/gcm_test.c | 2 +- src/encauth/ocb/ocb_init.c | 2 +- src/encauth/ocb/ocb_test.c | 2 +- src/encauth/ocb3/ocb3_init.c | 2 +- src/encauth/ocb3/ocb3_test.c | 2 +- src/encauth/siv/siv.c | 2 +- src/hashes/chc/chc.c | 2 +- src/hashes/rmd128.c | 2 +- src/hashes/rmd160.c | 2 +- src/hashes/rmd256.c | 2 +- src/hashes/rmd320.c | 2 +- src/hashes/whirl/whirl.c | 2 +- src/headers/tomcrypt_private.h | 2 ++ src/mac/f9/f9_test.c | 2 +- src/mac/omac/omac_test.c | 2 +- src/mac/pelican/pelican_test.c | 2 +- src/mac/pmac/pmac_init.c | 4 +-- src/mac/pmac/pmac_test.c | 2 +- src/mac/xcbc/xcbc_test.c | 2 +- src/math/ltm_desc.c | 2 +- src/math/tfm_desc.c | 2 +- src/misc/error_to_string.c | 2 +- src/misc/pbes/pbes2.c | 4 +-- src/misc/pem/pem.c | 4 +-- src/misc/pem/pem_pkcs.c | 4 +-- src/misc/pem/pem_ssh.c | 12 ++++---- src/modes/ctr/ctr_test.c | 2 +- src/modes/lrw/lrw_test.c | 2 +- src/pk/asn1/der/general/der_asn1_maps.c | 10 +++---- .../der/general/der_decode_asn1_identifier.c | 2 +- src/pk/asn1/der/ia5/der_length_ia5_string.c | 4 +-- .../der_length_printable_string.c | 4 +-- .../der_length_teletex_string.c | 4 +-- src/pk/asn1/oid/pk_get.c | 4 +-- .../x509_decode_subject_public_key_info.c | 2 +- .../x509_encode_subject_public_key_info.c | 4 +-- src/pk/dsa/dsa_decrypt_key.c | 2 +- src/pk/dsa/dsa_generate_pqg.c | 2 +- 
src/pk/ec25519/ec25519_export.c | 2 +- src/pk/ecc/ecc_decrypt_key.c | 2 +- src/pk/ecc/ecc_export_openssl.c | 2 +- src/pk/rsa/rsa_key.c | 6 ++-- src/pk/rsa/rsa_verify_hash.c | 2 +- tests/base64_test.c | 4 +-- tests/der_test.c | 30 +++++++++---------- tests/ecc_test.c | 8 ++--- tests/ed25519_test.c | 6 ++-- tests/modes_test.c | 2 +- tests/padding_test.c | 4 +-- tests/pkcs_1_eme_test.c | 4 +-- tests/pkcs_1_emsa_test.c | 4 +-- tests/pkcs_1_oaep_test.c | 4 +-- tests/pkcs_1_pss_test.c | 4 +-- tests/test.c | 4 +-- tests/x25519_test.c | 6 ++-- 77 files changed, 135 insertions(+), 129 deletions(-) diff --git a/demos/hashsum.c b/demos/hashsum.c index 7670c9249..dd129861e 100644 --- a/demos/hashsum.c +++ b/demos/hashsum.c @@ -30,6 +30,10 @@ '\255') #define HEXOF(x) (x - s_base(x)) +#ifndef LTC_ARRAY_SIZE +#define LTC_ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) +#endif + static char* hashsum; static void cleanup(void) @@ -190,7 +194,7 @@ int main(int argc, char **argv) die(EXIT_FAILURE); } - for (x = 0; x < sizeof(idxs)/sizeof(idxs[0]); ++x) { + for (x = 0; x < LTC_ARRAY_SIZE(idxs); ++x) { idxs[x] = -2; } argn = 1; @@ -243,7 +247,7 @@ int main(int argc, char **argv) die(EXIT_FAILURE); } idx++; - if ((size_t)idx >= sizeof(idxs)/sizeof(idxs[0])) { + if ((size_t)idx >= LTC_ARRAY_SIZE(idxs)) { fprintf(stderr, "%s: Too many '-a' options chosen\n", hashsum); die(EXIT_FAILURE); } diff --git a/demos/pem-info.c b/demos/pem-info.c index 9799ee4b0..f4dcec790 100644 --- a/demos/pem-info.c +++ b/demos/pem-info.c @@ -34,7 +34,7 @@ static const struct { static const char *s_map_cipher(const char *name) { unsigned long n; - for (n = 0; n < sizeof(cipher_name_map)/sizeof(cipher_name_map[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(cipher_name_map); ++n) { if (strcmp(name, cipher_name_map[n].is) == 0) return cipher_name_map[n].should; } 
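Review bot: The fallback `LTC_ARRAY_SIZE` added to demos/hashsum.c, and the identical definition added to src/headers/tomcrypt_private.h later in this patch, leave the macro argument unparenthesized in `sizeof(arr[0])`. Write it as `#define LTC_ARRAY_SIZE(arr) (sizeof(arr)/sizeof((arr)[0]))` in both places so an expression argument expands as intended. The macro also gives a wrong count with no diagnostic when handed a pointer instead of an array, which is worth a one-line comment at the definition. hashsum.c needing its own copy suggests the demos may not see the private header. pem-info.c, timing.c and tv_gen.c use the macro without a fallback in the hunks shown, so confirm that they include tomcrypt_private.h.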
@@ -61,7 +61,7 @@ static const char *s_map_mode(enum cipher_mode mode) { size_t n; mode &= cm_modes | cm_1bit | cm_8bit; - for (n = 0; n < sizeof(cipher_mode_map)/sizeof(cipher_mode_map[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(cipher_mode_map); ++n) { if (cipher_mode_map[n].mode == mode) return cipher_mode_map[n].name; } diff --git a/demos/timing.c b/demos/timing.c index 7d2e49965..52dd11522 100644 --- a/demos/timing.c +++ b/demos/timing.c @@ -658,7 +658,7 @@ static const struct { if (ltc_mp.name == NULL) return; - for (x = 0; x < (sizeof(groups)/sizeof(groups[0])); x++) { + for (x = 0; x < LTC_ARRAY_SIZE(groups); x++) { t2 = 0; for (y = 0; y < 4; y++) { t_start(); @@ -1408,7 +1408,7 @@ if (argc > 1) { if (strstr(argv[1], "-h")) { die(EXIT_SUCCESS); } else if (strstr(argv[1], "-l")) { - for (i = 0; i < sizeof(test_functions)/sizeof(test_functions[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(test_functions); ++i) { printf("%s\n", test_functions[i].name); } exit(0); @@ -1446,7 +1446,7 @@ if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT /* single test name from commandline */ if (argc > 1) single_test = argv[1]; -for (i = 0; i < sizeof(test_functions)/sizeof(test_functions[0]); ++i) { +for (i = 0; i < LTC_ARRAY_SIZE(test_functions); ++i) { if (single_test && strstr(test_functions[i].name, single_test) == NULL) { continue; } diff --git a/demos/tv_gen.c b/demos/tv_gen.c index 3710fa635..61c6de529 100644 --- a/demos/tv_gen.c +++ b/demos/tv_gen.c @@ -535,7 +535,7 @@ static void ccm_gen(void) nonce[z] = z; } - for (t = 0; t < sizeof(taglen)/sizeof(taglen[0]); ++t) { + for (t = 0; t < LTC_ARRAY_SIZE(taglen); ++t) { for (y1 = 0; y1 <= (int)(cipher_descriptor[x].block_length*2); y1++){ for (z = 0; z < y1; z++) { plaintext[z] = (unsigned char)(z & 255); diff --git a/src/ciphers/aes/aes.c b/src/ciphers/aes/aes.c index 1a5e269a3..ea65a6bdd 100644 --- a/src/ciphers/aes/aes.c +++ b/src/ciphers/aes/aes.c 
@@ -669,7 +669,7 @@ int ECB_TEST(void) unsigned char tmp[2][16]; int i, y; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { zeromem(&key, sizeof(key)); if ((err = rijndael_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { return err; diff --git a/src/ciphers/aes/aes_desc.c b/src/ciphers/aes/aes_desc.c index 7c537df75..42f125a0b 100644 --- a/src/ciphers/aes/aes_desc.c +++ b/src/ciphers/aes/aes_desc.c @@ -189,7 +189,7 @@ int AES_TEST(void) int y; #endif - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { zeromem(&key, sizeof(key)); if ((err = AES_SETUP(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { return err; diff --git a/src/ciphers/aes/aesni.c b/src/ciphers/aes/aesni.c index ecfc008e9..723ad272d 100644 --- a/src/ciphers/aes/aesni.c +++ b/src/ciphers/aes/aesni.c @@ -313,7 +313,7 @@ int aesni_test(void) unsigned char tmp[2][16]; int i, y; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { zeromem(&key, sizeof(key)); if ((err = aesni_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { return err; diff --git a/src/ciphers/anubis.c b/src/ciphers/anubis.c index 8338fa730..128b16c57 100644 --- a/src/ciphers/anubis.c +++ b/src/ciphers/anubis.c @@ -1498,7 +1498,7 @@ int anubis_test(void) unsigned char buf[2][16]; symmetric_key skey; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { anubis_setup(tests[x].key, tests[x].keylen, 0, &skey); anubis_ecb_encrypt(tests[x].pt, buf[0], &skey); anubis_ecb_decrypt(buf[0], buf[1], &skey); diff --git a/src/ciphers/camellia.c b/src/ciphers/camellia.c index 702c602e8..ee40284f1 100644 --- a/src/ciphers/camellia.c +++ b/src/ciphers/camellia.c 
@@ -680,7 +680,7 @@ int camellia_test(void) int err; unsigned int x; - for (x = 0; x < sizeof(tests)/sizeof(tests[0]); x++) { + for (x = 0; x < LTC_ARRAY_SIZE(tests); x++) { zeromem(&skey, sizeof(skey)); if ((err = camellia_setup(tests[x].key, tests[x].keylen, 0, &skey)) != CRYPT_OK) { return err; diff --git a/src/ciphers/des.c b/src/ciphers/des.c index c20dbf98d..5f4cd5b1c 100644 --- a/src/ciphers/des.c +++ b/src/ciphers/des.c @@ -2018,7 +2018,7 @@ int des_test(void) symmetric_key skey; int i, err; - for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) + for (i = 0; i < (int)LTC_ARRAY_SIZE(cases); i++) { if ((err = des_setup(cases[i].key, 8, 0, &skey)) != CRYPT_OK) { return err; @@ -2125,7 +2125,7 @@ int des3_test(void) return err; } - for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) + for (i = 0; i < (int)LTC_ARRAY_SIZE(cases); i++) { if ((err = des3_setup(cases[i].key, 16, 0, &skey)) != CRYPT_OK) { return err; diff --git a/src/ciphers/idea.c b/src/ciphers/idea.c index 40adc5834..f663b486f 100644 --- a/src/ciphers/idea.c +++ b/src/ciphers/idea.c @@ -226,7 +226,7 @@ int idea_test(void) return CRYPT_FAIL_TESTVECTOR; } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { if ((err = idea_setup(tests[x].key, 16, 8, &key)) != CRYPT_OK) { return err; } diff --git a/src/ciphers/kasumi.c b/src/ciphers/kasumi.c index de76fc73e..7f25b349b 100644 --- a/src/ciphers/kasumi.c +++ b/src/ciphers/kasumi.c @@ -286,7 +286,7 @@ int kasumi_test(void) symmetric_key key; int err, x; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { if ((err = kasumi_setup(tests[x].key, 16, 0, &key)) != CRYPT_OK) { return err; } diff --git a/src/ciphers/khazad.c b/src/ciphers/khazad.c index ccd1b7020..0f1327dcd 100644 --- a/src/ciphers/khazad.c +++ b/src/ciphers/khazad.c 
@@ -794,7 +794,7 @@ int khazad_test(void) unsigned char buf[2][8]; symmetric_key skey; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { khazad_setup(tests[x].key, 16, 0, &skey); khazad_ecb_encrypt(tests[x].pt, buf[0], &skey); khazad_ecb_decrypt(buf[0], buf[1], &skey); diff --git a/src/ciphers/kseed.c b/src/ciphers/kseed.c index 014b4e336..be8ec63a9 100644 --- a/src/ciphers/kseed.c +++ b/src/ciphers/kseed.c @@ -334,7 +334,7 @@ int kseed_test(void) unsigned char buf[2][16]; symmetric_key skey; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { kseed_setup(tests[x].key, 16, 0, &skey); kseed_ecb_encrypt(tests[x].pt, buf[0], &skey); kseed_ecb_decrypt(buf[0], buf[1], &skey); diff --git a/src/ciphers/multi2.c b/src/ciphers/multi2.c index e1a84acf0..2ef7ff0db 100644 --- a/src/ciphers/multi2.c +++ b/src/ciphers/multi2.c @@ -242,7 +242,7 @@ int multi2_test(void) symmetric_key skey; int err, x; - for (x = 1; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 1; x < (int)LTC_ARRAY_SIZE(tests); x++) { if ((err = multi2_setup(tests[x].key, 40, tests[x].rounds, &skey)) != CRYPT_OK) { return err; } diff --git a/src/ciphers/noekeon.c b/src/ciphers/noekeon.c index 3dfe91e6e..e5b4ded2e 100644 --- a/src/ciphers/noekeon.c +++ b/src/ciphers/noekeon.c @@ -267,7 +267,7 @@ int noekeon_test(void) unsigned char tmp[2][16]; int err, i, y; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { zeromem(&key, sizeof(key)); if ((err = noekeon_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { return err; diff --git a/src/ciphers/serpent.c b/src/ciphers/serpent.c index 8f5b7858e..03661a102 100644 --- a/src/ciphers/serpent.c +++ b/src/ciphers/serpent.c 
@@ -693,7 +693,7 @@ int serpent_test(void) symmetric_key key; int err, x; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { if ((err = serpent_setup(tests[x].key, tests[x].keylen, 0, &key)) != CRYPT_OK) { return err; } diff --git a/src/ciphers/tea.c b/src/ciphers/tea.c index 2e3a040c8..c5419bf45 100644 --- a/src/ciphers/tea.c +++ b/src/ciphers/tea.c @@ -150,7 +150,7 @@ int tea_test(void) symmetric_key skey; size_t i; int err, y; - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { + for (i = 0; i < LTC_ARRAY_SIZE(tests); i++) { zeromem(&skey, sizeof(skey)); l = sizeof(key); diff --git a/src/ciphers/twofish/twofish.c b/src/ciphers/twofish/twofish.c index 48149a2d2..30478f044 100644 --- a/src/ciphers/twofish/twofish.c +++ b/src/ciphers/twofish/twofish.c @@ -651,7 +651,7 @@ int twofish_test(void) unsigned char tmp[2][16]; int err, i, y; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { if ((err = twofish_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { return err; } diff --git a/src/ciphers/xtea.c b/src/ciphers/xtea.c index 95aaa1a94..9e86e8d00 100644 --- a/src/ciphers/xtea.c +++ b/src/ciphers/xtea.c @@ -197,7 +197,7 @@ int xtea_test(void) unsigned char tmp[2][8]; symmetric_key skey; int i, err, y; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { zeromem(&skey, sizeof(skey)); if ((err = xtea_setup(tests[i].key, 16, 0, &skey)) != CRYPT_OK) { return err; diff --git a/src/encauth/ccm/ccm_test.c b/src/encauth/ccm/ccm_test.c index 14f2d7980..d725ecdd7 100644 --- a/src/encauth/ccm/ccm_test.c +++ b/src/encauth/ccm/ccm_test.c @@ -121,7 +121,7 @@ int ccm_test(void) } } - for (x = 0; x < (sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < LTC_ARRAY_SIZE(tests); x++) { for (y = 0; y < 2; y++) { taglen = tests[x].taglen; if (y == 0) { 
diff --git a/src/encauth/eax/eax_test.c b/src/encauth/eax/eax_test.c index c613e0d28..adfa8797e 100644 --- a/src/encauth/eax/eax_test.c +++ b/src/encauth/eax/eax_test.c @@ -216,7 +216,7 @@ int eax_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { len = sizeof(outtag); if ((err = eax_encrypt_authenticate_memory(idx, tests[x].key, tests[x].keylen, tests[x].nonce, tests[x].noncelen, tests[x].header, tests[x].headerlen, diff --git a/src/encauth/gcm/gcm_test.c b/src/encauth/gcm/gcm_test.c index 228db57d8..aa24122d5 100644 --- a/src/encauth/gcm/gcm_test.c +++ b/src/encauth/gcm/gcm_test.c @@ -338,7 +338,7 @@ int gcm_test(void) if ((err = gcm_done(&gcm, T[0], &y)) != CRYPT_OK) return err; if (compare_testvector(T[0], y, tests[0].T, 16, "GCM Encrypt Tag-special", 0)) return CRYPT_FAIL_TESTVECTOR; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { y = sizeof(T[0]); if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen, tests[x].IV, tests[x].IVlen, diff --git a/src/encauth/ocb/ocb_init.c b/src/encauth/ocb/ocb_init.c index dbb351dae..9460e4044 100644 --- a/src/encauth/ocb/ocb_init.c +++ b/src/encauth/ocb/ocb_init.c @@ -53,7 +53,7 @@ int ocb_init(ocb_state *ocb, int cipher, /* determine which polys to use */ ocb->block_len = cipher_descriptor[cipher].block_length; - x = (int)(sizeof(polys)/sizeof(polys[0])); + x = (int)LTC_ARRAY_SIZE(polys); for (poly = 0; poly < x; poly++) { if (polys[poly].len == ocb->block_len) { break; diff --git a/src/encauth/ocb/ocb_test.c b/src/encauth/ocb/ocb_test.c index b03c2fd3a..12942b514 100644 --- a/src/encauth/ocb/ocb_test.c +++ b/src/encauth/ocb/ocb_test.c 
@@ -167,7 +167,7 @@ int ocb_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { len = sizeof(outtag); if ((err = ocb_encrypt_authenticate_memory(idx, tests[x].key, 16, tests[x].nonce, tests[x].pt, tests[x].ptlen, outct, outtag, &len)) != CRYPT_OK) { diff --git a/src/encauth/ocb3/ocb3_init.c b/src/encauth/ocb3/ocb3_init.c index 5e6c8149b..700d9bfd4 100644 --- a/src/encauth/ocb3/ocb3_init.c +++ b/src/encauth/ocb3/ocb3_init.c @@ -116,7 +116,7 @@ int ocb3_init(ocb3_state *ocb, int cipher, /* determine which polys to use */ ocb->block_len = cipher_descriptor[cipher].block_length; - x = (int)(sizeof(polys)/sizeof(polys[0])); + x = (int)LTC_ARRAY_SIZE(polys); for (poly = 0; poly < x; poly++) { if (polys[poly].len == ocb->block_len) { break; diff --git a/src/encauth/ocb3/ocb3_test.c b/src/encauth/ocb3/ocb3_test.c index 3a9816e6c..3c6cfe5f1 100644 --- a/src/encauth/ocb3/ocb3_test.c +++ b/src/encauth/ocb3/ocb3_test.c @@ -209,7 +209,7 @@ int ocb3_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { len = 16; /* must be the same as the required taglen */ if ((err = ocb3_encrypt_authenticate_memory(idx, key, sizeof(key), diff --git a/src/encauth/siv/siv.c b/src/encauth/siv/siv.c index 3e078c6b7..05f7c4487 100644 --- a/src/encauth/siv/siv.c +++ b/src/encauth/siv/siv.c @@ -608,7 +608,7 @@ int siv_test(void) cipher = find_cipher("aes"); - for (n = 0; n < sizeof(siv_tests)/sizeof(siv_tests[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(siv_tests); ++n) { buflen = sizeof(buf); if ((err = siv_encrypt_memory(cipher, siv_tests[n].Key, siv_tests[n].Keylen, diff --git a/src/hashes/chc/chc.c b/src/hashes/chc/chc.c index e82b2b39a..3a394d481 100644 --- a/src/hashes/chc/chc.c +++ b/src/hashes/chc/chc.c 
@@ -277,7 +277,7 @@ int chc_test(void) oldhashidx = cipher_idx; chc_register(idx); - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { if ((err = chc_init(&md)) != CRYPT_OK) { return err; } diff --git a/src/hashes/rmd128.c b/src/hashes/rmd128.c index 7d57af8c1..cc894e121 100644 --- a/src/hashes/rmd128.c +++ b/src/hashes/rmd128.c @@ -380,7 +380,7 @@ int rmd128_test(void) unsigned char tmp[16]; hash_state md; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { rmd128_init(&md); rmd128_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); rmd128_done(&md, tmp); diff --git a/src/hashes/rmd160.c b/src/hashes/rmd160.c index 6e45a7e50..d4cba276d 100644 --- a/src/hashes/rmd160.c +++ b/src/hashes/rmd160.c @@ -439,7 +439,7 @@ int rmd160_test(void) unsigned char tmp[20]; hash_state md; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { rmd160_init(&md); rmd160_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); rmd160_done(&md, tmp); diff --git a/src/hashes/rmd256.c b/src/hashes/rmd256.c index 704c86ee5..4eecd3f87 100644 --- a/src/hashes/rmd256.c +++ b/src/hashes/rmd256.c @@ -405,7 +405,7 @@ int rmd256_test(void) unsigned char tmp[32]; hash_state md; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { rmd256_init(&md); rmd256_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); rmd256_done(&md, tmp); diff --git a/src/hashes/rmd320.c b/src/hashes/rmd320.c index e25b6d93a..1148b42da 100644 --- a/src/hashes/rmd320.c +++ b/src/hashes/rmd320.c 
@@ -470,7 +470,7 @@ int rmd320_test(void) unsigned char tmp[40]; hash_state md; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { rmd320_init(&md); rmd320_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); rmd320_done(&md, tmp); diff --git a/src/hashes/whirl/whirl.c b/src/hashes/whirl/whirl.c index c1e46160a..802cdc3f6 100644 --- a/src/hashes/whirl/whirl.c +++ b/src/hashes/whirl/whirl.c @@ -281,7 +281,7 @@ int whirlpool_test(void) unsigned char tmp[64]; hash_state md; - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(tests); i++) { whirlpool_init(&md); whirlpool_process(&md, (unsigned char *)tests[i].msg, tests[i].len); whirlpool_done(&md, tmp); diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 854f8364b..a9723f4b2 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -45,6 +45,8 @@ LTC_STATIC_ASSERT(correct_ltc_uintptr_size, sizeof(ltc_uintptr) == sizeof(void*) #define LTC_NULL ((void *)0) #endif +#define LTC_ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) + /* * Internal Enums */ diff --git a/src/mac/f9/f9_test.c b/src/mac/f9/f9_test.c index 779fdf130..2616d42bc 100644 --- a/src/mac/f9/f9_test.c +++ b/src/mac/f9/f9_test.c @@ -48,7 +48,7 @@ int f9_test(void) return CRYPT_NOP; } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { taglen = 4; if ((err = f9_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK) { return err; diff --git a/src/mac/omac/omac_test.c b/src/mac/omac/omac_test.c index bca6d9c64..c79779468 100644 --- a/src/mac/omac/omac_test.c +++ b/src/mac/omac/omac_test.c 
@@ -76,7 +76,7 @@ int omac_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { len = sizeof(out); if ((err = omac_memory(idx, tests[x].key, tests[x].keylen, tests[x].msg, tests[x].msglen, out, &len)) != CRYPT_OK) { return err; diff --git a/src/mac/pelican/pelican_test.c b/src/mac/pelican/pelican_test.c index 2ec696aaa..31a237c0a 100644 --- a/src/mac/pelican/pelican_test.c +++ b/src/mac/pelican/pelican_test.c @@ -80,7 +80,7 @@ int pelican_test(void) unsigned char out[16]; pelican_state pel; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { if ((err = pelican_init(&pel, tests[x].K, tests[x].keylen)) != CRYPT_OK) { return err; } diff --git a/src/mac/pmac/pmac_init.c b/src/mac/pmac/pmac_init.c index 3b6751042..46f645c42 100644 --- a/src/mac/pmac/pmac_init.c +++ b/src/mac/pmac/pmac_init.c @@ -51,12 +51,12 @@ int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned l /* determine which polys to use */ pmac->block_len = cipher_descriptor[cipher].block_length; - for (poly = 0; poly < (int)(sizeof(polys)/sizeof(polys[0])); poly++) { + for (poly = 0; poly < (int)LTC_ARRAY_SIZE(polys); poly++) { if (polys[poly].len == pmac->block_len) { break; } } - if (poly >= (int)(sizeof(polys)/sizeof(polys[0]))) { + if (poly >= (int)LTC_ARRAY_SIZE(polys)) { return CRYPT_INVALID_ARG; } if (polys[poly].len != pmac->block_len) { diff --git a/src/mac/pmac/pmac_test.c b/src/mac/pmac/pmac_test.c index 3ccf06e23..ccbd6c648 100644 --- a/src/mac/pmac/pmac_test.c +++ b/src/mac/pmac/pmac_test.c @@ -124,7 +124,7 @@ int pmac_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { len = sizeof(outtag); if ((err = pmac_memory(idx, tests[x].key, 16, tests[x].msg, tests[x].msglen, outtag, &len)) != CRYPT_OK) { return err; 
diff --git a/src/mac/xcbc/xcbc_test.c b/src/mac/xcbc/xcbc_test.c index 23555de04..2c6110523 100644 --- a/src/mac/xcbc/xcbc_test.c +++ b/src/mac/xcbc/xcbc_test.c @@ -98,7 +98,7 @@ int xcbc_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { taglen = 16; if ((err = xcbc_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK) { return err; diff --git a/src/math/ltm_desc.c b/src/math/ltm_desc.c index a7df2222b..99c9f14b2 100644 --- a/src/math/ltm_desc.c +++ b/src/math/ltm_desc.c @@ -33,7 +33,7 @@ static int mpi_to_ltc_error(mp_err err) { size_t x; - for (x = 0; x < sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0]); x++) { + for (x = 0; x < LTC_ARRAY_SIZE(mpi_to_ltc_codes); x++) { if (err == mpi_to_ltc_codes[x].mpi_code) { return mpi_to_ltc_codes[x].ltc_code; } diff --git a/src/math/tfm_desc.c b/src/math/tfm_desc.c index 94a1d7869..7c3b40072 100644 --- a/src/math/tfm_desc.c +++ b/src/math/tfm_desc.c @@ -39,7 +39,7 @@ static int tfm_to_ltc_error(int err) { int x; - for (x = 0; x < (int)(sizeof(tfm_to_ltc_codes)/sizeof(tfm_to_ltc_codes[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tfm_to_ltc_codes); x++) { if (err == tfm_to_ltc_codes[x].tfm_code) { return tfm_to_ltc_codes[x].ltc_code; } diff --git a/src/misc/error_to_string.c b/src/misc/error_to_string.c index 631fdbced..fd306bbab 100644 --- a/src/misc/error_to_string.c +++ b/src/misc/error_to_string.c @@ -54,7 +54,7 @@ static const char * const err_2_str[CRYPT_ERR_NUM] = "The PEM header was not recognized", }; -LTC_STATIC_ASSERT(correct_err_2_str_size, (sizeof(err_2_str)/sizeof(err_2_str[0])) == CRYPT_ERR_NUM) +LTC_STATIC_ASSERT(correct_err_2_str_size, LTC_ARRAY_SIZE(err_2_str) == CRYPT_ERR_NUM) /** Convert an LTC error code to ASCII diff --git a/src/misc/pbes/pbes2.c b/src/misc/pbes/pbes2.c index cfb3426e5..75d17d311 100644 --- a/src/misc/pbes/pbes2.c +++ b/src/misc/pbes/pbes2.c 
@@ -51,7 +51,7 @@ static const oid_to_pbes s_pbes2_list[] = { static int s_pbes2_from_oid(const ltc_asn1_list *cipher_oid, const ltc_asn1_list *hmac_oid, pbes_properties *res) { unsigned int i; - for (i = 0; i < sizeof(s_pbes2_list)/sizeof(s_pbes2_list[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(s_pbes2_list); ++i) { if (pk_oid_cmp_with_asn1(s_pbes2_list[i].oid, cipher_oid) == CRYPT_OK) { *res = *s_pbes2_list[i].data; break; @@ -59,7 +59,7 @@ static int s_pbes2_from_oid(const ltc_asn1_list *cipher_oid, const ltc_asn1_list } if (res->c == NULL) return CRYPT_INVALID_CIPHER; if (hmac_oid != NULL) { - for (i = 0; i < sizeof(s_hmac_oid_names)/sizeof(s_hmac_oid_names[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(s_hmac_oid_names); ++i) { if (pk_oid_cmp_with_asn1(s_hmac_oid_names[i].oid, hmac_oid) == CRYPT_OK) { res->h = s_hmac_oid_names[i].id; return CRYPT_OK; diff --git a/src/misc/pem/pem.c b/src/misc/pem/pem.c index c518c6dee..632515914 100644 --- a/src/misc/pem/pem.c +++ b/src/misc/pem/pem.c @@ -65,7 +65,7 @@ const struct pem_header_id pem_std_headers[] = { .pka = LTC_PKA_DSA, }, }; -const unsigned long pem_std_headers_num = sizeof(pem_std_headers)/sizeof(pem_std_headers[0]); +const unsigned long pem_std_headers_num = LTC_ARRAY_SIZE(pem_std_headers); /* Encrypted PEM files */ const struct str pem_proc_type_encrypted = { SET_CSTR(, "Proc-Type: 4,ENCRYPTED") }; @@ -147,7 +147,7 @@ const struct blockcipher_info pem_dek_infos[] = { .name = "SEED-CFB,", .algo = "seed", .keylen = 128 / 8, .mode = cm_cfb, }, { .name = "SEED-OFB,", .algo = "seed", .keylen = 128 / 8, .mode = cm_ofb, }, }; -const unsigned long pem_dek_infos_num = sizeof(pem_dek_infos)/sizeof(pem_dek_infos[0]); +const unsigned long pem_dek_infos_num = LTC_ARRAY_SIZE(pem_dek_infos); int pem_decrypt(unsigned char *data, unsigned long *datalen, unsigned char *key, unsigned long keylen, diff --git a/src/misc/pem/pem_pkcs.c b/src/misc/pem/pem_pkcs.c index 0411d6427..e99f29ea0 100644 --- a/src/misc/pem/pem_pkcs.c 
+++ b/src/misc/pem/pem_pkcs.c @@ -96,7 +96,7 @@ static int s_import_x509(unsigned char *asn1_cert, unsigned long asn1_len, ltc_p return err; } if (pka < 0 - || pka > sizeof(s_import_x509_fns)/sizeof(s_import_x509_fns[0]) + || pka > LTC_ARRAY_SIZE(s_import_x509_fns) || s_import_x509_fns[pka] == NULL) { return CRYPT_PK_INVALID_TYPE; } @@ -251,7 +251,7 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c } if (pka < 0 - || pka > sizeof(s_import_openssl_fns)/sizeof(s_import_openssl_fns[0]) + || pka > LTC_ARRAY_SIZE(s_import_openssl_fns) || s_import_openssl_fns[pka] == NULL) { err = CRYPT_PK_INVALID_TYPE; goto cleanup; diff --git a/src/misc/pem/pem_ssh.c b/src/misc/pem/pem_ssh.c index fa03d8f47..0117dbf3a 100644 --- a/src/misc/pem/pem_ssh.c +++ b/src/misc/pem/pem_ssh.c @@ -47,7 +47,7 @@ const struct blockcipher_info ssh_ciphers[] = { .name = "twofish256-cbc", .algo = "twofish", .keylen = 256 / 8, .mode = cm_cbc }, { .name = "twofish256-ctr", .algo = "twofish", .keylen = 256 / 8, .mode = cm_ctr }, }; -const unsigned long ssh_ciphers_num = sizeof(ssh_ciphers)/sizeof(ssh_ciphers[0]); +const unsigned long ssh_ciphers_num = LTC_ARRAY_SIZE(ssh_ciphers); struct kdf_options { const char *name; @@ -398,7 +398,7 @@ static int s_decode_key(const unsigned char *in, unsigned long *inlen, ltc_pka_k remaining -= cur_len; cur_len = remaining; - for (n = 0; n < sizeof(ssh_pkas)/sizeof(ssh_pkas[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(ssh_pkas); ++n) { if (ssh_pkas[n].name.p != NULL) { if (pkalen != ssh_pkas[n].name.len || XMEMCMP(pka, ssh_pkas[n].name.p, ssh_pkas[n].name.len) != 0) continue; @@ -411,7 +411,7 @@ static int s_decode_key(const unsigned char *in, unsigned long *inlen, ltc_pka_k } break; } - if (n == sizeof(ssh_pkas)/sizeof(ssh_pkas[0])) { + if (n == LTC_ARRAY_SIZE(ssh_pkas)) { return CRYPT_PK_INVALID_TYPE; } 
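Review bot: The guard `pka > LTC_ARRAY_SIZE(s_import_x509_fns)` in s_import_x509 still lets `pka` equal to the element count through, so the next operand `s_import_x509_fns[pka] == NULL` can read one slot past the table; the rename carries the old comparison over unchanged. It should read `|| pka >= LTC_ARRAY_SIZE(s_import_x509_fns)`, and the s_decode hunk needs the same fix as `|| pka >= LTC_ARRAY_SIZE(s_import_openssl_fns)`. Whether s_get_pka can actually yield that value is not visible here, but in s_import_x509 the index is derived from the decoded certificate, so the bound check should be exact. Both function bodies continue outside their hunks.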
@@ -486,7 +486,7 @@ static int s_parse_line(char *line, unsigned long *len, ltc_pka_key *key, char * rlen = *len; /* Chop up string into the three authorized_keys_elements */ - for (n = 0; n < sizeof(elements)/sizeof(elements[0]) && rlen; ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(elements) && rlen; ++n) { skip_spaces(&r, &rlen); elements[n].p = r; if (n != 2) @@ -498,7 +498,7 @@ static int s_parse_line(char *line, unsigned long *len, ltc_pka_key *key, char * r++; } - for (n = 0; n < sizeof(ssh_pkas)/sizeof(ssh_pkas[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(ssh_pkas); ++n) { if (ssh_pkas[n].name.p != NULL) { if (elements[ake_algo_name].len != ssh_pkas[n].name.len || XMEMCMP(elements[ake_algo_name].p, ssh_pkas[n].name.p, ssh_pkas[n].name.len) != 0) continue; @@ -707,7 +707,7 @@ static const struct pem_header_id pem_openssh[] = { .flags = pf_public }, }; -static const unsigned long pem_openssh_num = sizeof(pem_openssh)/sizeof(pem_openssh[0]); +static const unsigned long pem_openssh_num = LTC_ARRAY_SIZE(pem_openssh); static int s_decode_openssh(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_ctx) { diff --git a/src/modes/ctr/ctr_test.c b/src/modes/ctr/ctr_test.c index df7e6493a..48c9498dc 100644 --- a/src/modes/ctr/ctr_test.c +++ b/src/modes/ctr/ctr_test.c @@ -51,7 +51,7 @@ int ctr_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { if ((err = ctr_start(idx, tests[x].IV, tests[x].key, tests[x].keylen, 0, CTR_COUNTER_BIG_ENDIAN|LTC_CTR_RFC3686, &ctr)) != CRYPT_OK) { return err; } diff --git a/src/modes/lrw/lrw_test.c b/src/modes/lrw/lrw_test.c index 3d9015ba0..893f88d3b 100644 --- a/src/modes/lrw/lrw_test.c +++ b/src/modes/lrw/lrw_test.c 
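Review bot: In s_parse_line the loop bound is now `LTC_ARRAY_SIZE(elements)`, but the body still special-cases the literal `if (n != 2)`, which presumably means "not the last element". If `elements` ever changes size the bound follows and the literal does not, so I would tie them together with `if (n != LTC_ARRAY_SIZE(elements) - 1)` or a named enum constant like the `ake_algo_name` index used in the second loop. The rest of the loop body is outside the hunk, so confirm the intent of the `2` before changing it.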
@@ -73,7 +73,7 @@ int lrw_test(void) } } - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) { /* schedule it */ if ((err = lrw_start(idx, tests[x].IV, tests[x].key, 16, tests[x].tweak, 0, &lrw)) != CRYPT_OK) { return err; diff --git a/src/pk/asn1/der/general/der_asn1_maps.c b/src/pk/asn1/der/general/der_asn1_maps.c index 8f54f091f..e98ab393f 100644 --- a/src/pk/asn1/der/general/der_asn1_maps.c +++ b/src/pk/asn1/der/general/der_asn1_maps.c @@ -39,7 +39,7 @@ const int der_asn1_type_to_identifier_map[] = 24, /* LTC_ASN1_GENERALIZEDTIME, */ -1, /* LTC_ASN1_CUSTOM_TYPE, */ }; -const unsigned long der_asn1_type_to_identifier_map_sz = sizeof(der_asn1_type_to_identifier_map)/sizeof(der_asn1_type_to_identifier_map[0]); +const unsigned long der_asn1_type_to_identifier_map_sz = LTC_ARRAY_SIZE(der_asn1_type_to_identifier_map); /** A Map from the ASN.1 Class to its string @@ -51,7 +51,7 @@ const char* der_asn1_class_to_string_map[] = "CONTEXT-SPECIFIC", "PRIVATE", }; -const unsigned long der_asn1_class_to_string_map_sz = sizeof(der_asn1_class_to_string_map)/sizeof(der_asn1_class_to_string_map[0]); +const unsigned long der_asn1_class_to_string_map_sz = LTC_ARRAY_SIZE(der_asn1_class_to_string_map); /** A Map from the ASN.1 P/C-bit to its string @@ -61,7 +61,7 @@ const char* der_asn1_pc_to_string_map[] = "PRIMITIVE", "CONSTRUCTED", }; -const unsigned long der_asn1_pc_to_string_map_sz = sizeof(der_asn1_pc_to_string_map)/sizeof(der_asn1_pc_to_string_map[0]); +const unsigned long der_asn1_pc_to_string_map_sz = LTC_ARRAY_SIZE(der_asn1_pc_to_string_map); /** A Map from the ASN.1 tag to its string 
@@ -106,7 +106,7 @@ const char* der_asn1_tag_to_string_map[] = "OID internationalized resource identifier type", "Relative OID internationalized resource identifier type", }; -const unsigned long der_asn1_tag_to_string_map_sz = sizeof(der_asn1_tag_to_string_map)/sizeof(der_asn1_tag_to_string_map[0]); +const unsigned long der_asn1_tag_to_string_map_sz = LTC_ARRAY_SIZE(der_asn1_tag_to_string_map); /** A Map from ASN.1 Tags to ltc_asn1_type @@ -152,6 +152,6 @@ const ltc_asn1_type der_asn1_tag_to_type_map[] = /* 30 */ LTC_ASN1_CUSTOM_TYPE, /* BMPString types */ }; -const unsigned long der_asn1_tag_to_type_map_sz = sizeof(der_asn1_tag_to_type_map)/sizeof(der_asn1_tag_to_type_map[0]); +const unsigned long der_asn1_tag_to_type_map_sz = LTC_ARRAY_SIZE(der_asn1_tag_to_type_map); #endif diff --git a/src/pk/asn1/der/general/der_decode_asn1_identifier.c b/src/pk/asn1/der/general/der_decode_asn1_identifier.c index 865e097dc..78866c9b0 100644 --- a/src/pk/asn1/der/general/der_decode_asn1_identifier.c +++ b/src/pk/asn1/der/general/der_decode_asn1_identifier.c @@ -47,7 +47,7 @@ static const unsigned char tag_constructed_map[] = LTC_ASN1_PC_PRIMITIVE, LTC_ASN1_PC_PRIMITIVE, }; - static const unsigned long tag_constructed_map_sz = sizeof(tag_constructed_map)/sizeof(tag_constructed_map[0]); + static const unsigned long tag_constructed_map_sz = LTC_ARRAY_SIZE(tag_constructed_map); /** Decode the ASN.1 Identifier diff --git a/src/pk/asn1/der/ia5/der_length_ia5_string.c b/src/pk/asn1/der/ia5/der_length_ia5_string.c index e397b1c8b..4bce85efa 100644 --- a/src/pk/asn1/der/ia5/der_length_ia5_string.c +++ b/src/pk/asn1/der/ia5/der_length_ia5_string.c @@ -119,7 +119,7 @@ static const struct { int der_ia5_char_encode(int c) { int x; - for (x = 0; x < (int)(sizeof(ia5_table)/sizeof(ia5_table[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(ia5_table); x++) { if (ia5_table[x].code == c) { return ia5_table[x].value; } 
@@ -130,7 +130,7 @@ int der_ia5_char_encode(int c) int der_ia5_value_decode(int v) { int x; - for (x = 0; x < (int)(sizeof(ia5_table)/sizeof(ia5_table[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(ia5_table); x++) { if (ia5_table[x].value == v) { return ia5_table[x].code; } diff --git a/src/pk/asn1/der/printable_string/der_length_printable_string.c b/src/pk/asn1/der/printable_string/der_length_printable_string.c index c52e36dfa..dcfcae9c1 100644 --- a/src/pk/asn1/der/printable_string/der_length_printable_string.c +++ b/src/pk/asn1/der/printable_string/der_length_printable_string.c @@ -91,7 +91,7 @@ static const struct { int der_printable_char_encode(int c) { int x; - for (x = 0; x < (int)(sizeof(printable_table)/sizeof(printable_table[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(printable_table); x++) { if (printable_table[x].code == c) { return printable_table[x].value; } @@ -102,7 +102,7 @@ int der_printable_char_encode(int c) int der_printable_value_decode(int v) { int x; - for (x = 0; x < (int)(sizeof(printable_table)/sizeof(printable_table[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(printable_table); x++) { if (printable_table[x].value == v) { return printable_table[x].code; } diff --git a/src/pk/asn1/der/teletex_string/der_length_teletex_string.c b/src/pk/asn1/der/teletex_string/der_length_teletex_string.c index 05dc4b026..01b94a3fe 100644 --- a/src/pk/asn1/der/teletex_string/der_length_teletex_string.c +++ b/src/pk/asn1/der/teletex_string/der_length_teletex_string.c @@ -135,7 +135,7 @@ static const struct { int der_teletex_char_encode(int c) { int x; - for (x = 0; x < (int)(sizeof(teletex_table)/sizeof(teletex_table[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(teletex_table); x++) { if (teletex_table[x].code == c) { return teletex_table[x].value; } 
@@ -146,7 +146,7 @@ int der_teletex_char_encode(int c) int der_teletex_value_decode(int v) { int x; - for (x = 0; x < (int)(sizeof(teletex_table)/sizeof(teletex_table[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(teletex_table); x++) { if (teletex_table[x].value == v) { return teletex_table[x].code; } diff --git a/src/pk/asn1/oid/pk_get.c b/src/pk/asn1/oid/pk_get.c index 48a8a9840..1fd5872e2 100644 --- a/src/pk/asn1/oid/pk_get.c +++ b/src/pk/asn1/oid/pk_get.c @@ -66,7 +66,7 @@ int pk_get_oid_id(enum ltc_pka_id pka, enum ltc_oid_id *oid) { unsigned int i; LTC_ARGCHK(oid != NULL); - for (i = 1; i < sizeof(pka_oids)/sizeof(pka_oids[0]); ++i) { + for (i = 1; i < LTC_ARRAY_SIZE(pka_oids); ++i) { if (pka_oids[i].pka == pka) { *oid = pka_oids[i].id; return CRYPT_OK; @@ -95,7 +95,7 @@ int pk_get_oid_from_asn1(const ltc_asn1_list *oid, enum ltc_oid_id *id) return err; } - for (i = 1; i < sizeof(pka_oids)/sizeof(pka_oids[0]); ++i) { + for (i = 1; i < LTC_ARRAY_SIZE(pka_oids); ++i) { if (XSTRCMP(pka_oids[i].oid, tmp) == 0) { *id = pka_oids[i].id; return CRYPT_OK; diff --git a/src/pk/asn1/x509/x509_decode_subject_public_key_info.c b/src/pk/asn1/x509/x509_decode_subject_public_key_info.c index f958825df..072561112 100644 --- a/src/pk/asn1/x509/x509_decode_subject_public_key_info.c +++ b/src/pk/asn1/x509/x509_decode_subject_public_key_info.c @@ -70,7 +70,7 @@ int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long i } /* this includes the internal hash ID and optional params (NULL in this case) */ - LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0])); + LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, LTC_ARRAY_SIZE(tmpoid)); if (parameters_type == LTC_ASN1_EOL) { alg_id_num = 1; } else { diff --git a/src/pk/asn1/x509/x509_encode_subject_public_key_info.c b/src/pk/asn1/x509/x509_encode_subject_public_key_info.c index 874574d05..52a80a1c6 100644 
--- a/src/pk/asn1/x509/x509_encode_subject_public_key_info.c +++ b/src/pk/asn1/x509/x509_encode_subject_public_key_info.c @@ -47,7 +47,7 @@ int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outle return err; } - oidlen = sizeof(oid)/sizeof(oid[0]); + oidlen = LTC_ARRAY_SIZE(oid); if ((err = pk_oid_str_to_num(OID, oid, &oidlen)) != CRYPT_OK) { return err; } @@ -56,7 +56,7 @@ int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outle LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len); return der_encode_sequence_multi(out, outlen, - LTC_ASN1_SEQUENCE, (unsigned long)sizeof(alg_id)/sizeof(alg_id[0]), alg_id, + LTC_ASN1_SEQUENCE, (unsigned long)LTC_ARRAY_SIZE(alg_id), alg_id, LTC_ASN1_RAW_BIT_STRING, public_key_len*8U, public_key, LTC_ASN1_EOL, 0UL, NULL); diff --git a/src/pk/dsa/dsa_decrypt_key.c b/src/pk/dsa/dsa_decrypt_key.c index fa87ef95f..734a2e0c6 100644 --- a/src/pk/dsa/dsa_decrypt_key.c +++ b/src/pk/dsa/dsa_decrypt_key.c @@ -40,7 +40,7 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, } /* decode to find out hash */ - LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); + LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, LTC_ARRAY_SIZE(hashOID)); err = der_decode_sequence(in, inlen, decode, 1); if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { return err; diff --git a/src/pk/dsa/dsa_generate_pqg.c b/src/pk/dsa/dsa_generate_pqg.c index cad6787bb..794bfddfe 100644 --- a/src/pk/dsa/dsa_generate_pqg.c +++ b/src/pk/dsa/dsa_generate_pqg.c @@ -89,7 +89,7 @@ static int s_dsa_make_params(prng_state *prng, int wprng, int group_size, int mo #endif hash = -1; - for (i = 0; i < sizeof(accepted_hashes)/sizeof(accepted_hashes[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(accepted_hashes); ++i) { hash = find_hash(accepted_hashes[i]); if (hash != -1) break; } 
diff --git a/src/pk/ec25519/ec25519_export.c b/src/pk/ec25519/ec25519_export.c index a6dba677b..5cd7c10ff 100644 --- a/src/pk/ec25519/ec25519_export.c +++ b/src/pk/ec25519/ec25519_export.c @@ -46,7 +46,7 @@ int ec25519_export( unsigned char *out, unsigned long *outlen, if ((err = pk_get_oid(oid_id, &OID)) != CRYPT_OK) { return err; } - oidlen = sizeof(oid)/sizeof(oid[0]); + oidlen = LTC_ARRAY_SIZE(oid); if ((err = pk_oid_str_to_num(OID, oid, &oidlen)) != CRYPT_OK) { return err; } diff --git a/src/pk/ecc/ecc_decrypt_key.c b/src/pk/ecc/ecc_decrypt_key.c index 6697eda00..7a4fac2e7 100644 --- a/src/pk/ecc/ecc_decrypt_key.c +++ b/src/pk/ecc/ecc_decrypt_key.c @@ -41,7 +41,7 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, } /* decode to find out hash */ - LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); + LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, LTC_ARRAY_SIZE(hashOID)); err = der_decode_sequence(in, inlen, decode, 1); if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { return err; diff --git a/src/pk/ecc/ecc_export_openssl.c b/src/pk/ecc/ecc_export_openssl.c index 35d8ed05d..a58f40eb3 100644 --- a/src/pk/ecc/ecc_export_openssl.c +++ b/src/pk/ecc/ecc_export_openssl.c @@ -90,7 +90,7 @@ int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, cons } */ - oidlen = sizeof(oid)/sizeof(oid[0]); + oidlen = LTC_ARRAY_SIZE(oid); if ((err = pk_oid_str_to_num(OID, oid, &oidlen)) != CRYPT_OK) { goto error; } diff --git a/src/pk/rsa/rsa_key.c b/src/pk/rsa/rsa_key.c index 12b88ce39..7eb21b843 100644 --- a/src/pk/rsa/rsa_key.c +++ b/src/pk/rsa/rsa_key.c @@ -24,7 +24,7 @@ static void s_mpi_shrink_multi(void **a, ...) cur = a; va_start(args, a); while (cur != NULL) { - if (n >= sizeof(tmp)/sizeof(tmp[0])) { + if (n >= LTC_ARRAY_SIZE(tmp)) { goto out; } if (*cur != NULL) { 
@@ -49,8 +49,8 @@ static void s_mpi_shrink_multi(void **a, ...) * or after this was called with too many args */ if ((err != CRYPT_OK) || - (n >= sizeof(tmp)/sizeof(tmp[0]))) { - for (n = 0; n < sizeof(tmp)/sizeof(tmp[0]); ++n) { + (n >= LTC_ARRAY_SIZE(tmp))) { + for (n = 0; n < LTC_ARRAY_SIZE(tmp); ++n) { if (tmp[n] != NULL) { ltc_mp_clear(tmp[n]); } diff --git a/src/pk/rsa/rsa_verify_hash.c b/src/pk/rsa/rsa_verify_hash.c index 9b2577bb5..9ca1641a6 100644 --- a/src/pk/rsa/rsa_verify_hash.c +++ b/src/pk/rsa/rsa_verify_hash.c @@ -131,7 +131,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long sigle hash OCTET STRING } */ - LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, loid, sizeof(loid)/sizeof(loid[0])); + LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, loid, LTC_ARRAY_SIZE(loid)); LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0); LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2); LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, tmpbuf, siglen); diff --git a/tests/base64_test.c b/tests/base64_test.c index 2a5e5e7a8..0caae31e6 100644 --- a/tests/base64_test.c +++ b/tests/base64_test.c @@ -71,7 +71,7 @@ int base64_test(void) {"vuiSPKIl8PiR5O-rC4z9_xTQK", invalid}, }; - for (x = 0; x < sizeof(url_cases)/sizeof(url_cases[0]); ++x) { + for (x = 0; x < LTC_ARRAY_SIZE(url_cases); ++x) { slen1 = XSTRLEN(url_cases[x].s); l1 = sizeof(tmp); if(url_cases[x].flag == strict) { @@ -113,7 +113,7 @@ int base64_test(void) #endif #if defined(LTC_BASE64) - for (x = 0; x < sizeof(cases)/sizeof(cases[0]); ++x) { + for (x = 0; x < LTC_ARRAY_SIZE(cases); ++x) { memset(out, 0, sizeof(out)); memset(tmp, 0, sizeof(tmp)); slen1 = XSTRLEN(cases[x].s); diff --git a/tests/der_test.c b/tests/der_test.c index 4823741a7..bf7311def 100644 --- a/tests/der_test.c +++ b/tests/der_test.c 
@@ -1014,7 +1014,7 @@ static void der_flexi_test(void) exit(EXIT_FAILURE); } - if (l->size != sizeof(oid_str)/sizeof(oid_str[0]) || memcmp(oid_str, l->data, l->size*sizeof(oid_str[0]))) { + if (l->size != LTC_ARRAY_SIZE(oid_str) || memcmp(oid_str, l->data, l->size*sizeof(oid_str[0]))) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } @@ -1097,13 +1097,13 @@ static int der_choice_n_custom_test(void) for (x = 0; x < sizeof(octetbuf); x++) { octetbuf[x] = x; } for (x = 0; x < sizeof(ia5buf); x++) { ia5buf[x] = 'a'; } for (x = 0; x < sizeof(printbuf); x++) { printbuf[x] = 'a'; } - for (x = 0; x < sizeof(utf8buf)/sizeof(utf8buf[0]); x++) { utf8buf[x] = L'a'; } + for (x = 0; x < LTC_ARRAY_SIZE(utf8buf); x++) { utf8buf[x] = L'a'; } integer = 1; boolean[0] = 1; - for (x = 0; x < sizeof(oidbuf)/sizeof(oidbuf[0]); x++) { oidbuf[x] = x + 1; } + for (x = 0; x < LTC_ARRAY_SIZE(oidbuf); x++) { oidbuf[x] = x + 1; } DO(ltc_mp_init(&mpinteger)); - n = sizeof(types)/sizeof(types[0]); + n = LTC_ARRAY_SIZE(types); for (x = 0; x < n * 2; x++) { /* setup list */ y = 0; @@ -1115,13 +1115,13 @@ static int der_choice_n_custom_test(void) } LTC_SET_ASN1(types, y++, LTC_ASN1_OCTET_STRING, octetbuf, sizeof(octetbuf)); LTC_SET_ASN1(types, y++, LTC_ASN1_IA5_STRING, ia5buf, sizeof(ia5buf)); - LTC_SET_ASN1(types, y++, LTC_ASN1_BOOLEAN, boolean, sizeof(boolean)/sizeof(boolean[0])); + LTC_SET_ASN1(types, y++, LTC_ASN1_BOOLEAN, boolean, LTC_ARRAY_SIZE(boolean)); if (x > n) { LTC_SET_ASN1(types, y++, LTC_ASN1_SHORT_INTEGER, &integer, 1); } else { LTC_SET_ASN1(types, y++, LTC_ASN1_INTEGER, mpinteger, 1); } - LTC_SET_ASN1(types, y++, LTC_ASN1_OBJECT_IDENTIFIER, oidbuf, sizeof(oidbuf)/sizeof(oidbuf[0])); + LTC_SET_ASN1(types, y++, LTC_ASN1_OBJECT_IDENTIFIER, oidbuf, LTC_ARRAY_SIZE(oidbuf)); if (x > n) { LTC_SET_ASN1(types, y++, LTC_ASN1_UTCTIME, &utctime, 1); } else { 
@@ -1131,7 +1131,7 @@ static int der_choice_n_custom_test(void) LTC_SET_ASN1(custom, 0, LTC_ASN1_NULL, NULL, 0); LTC_SET_ASN1_CUSTOM_CONSTRUCTED(types, y++, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); - LTC_SET_ASN1(types, y++, LTC_ASN1_UTF8_STRING, utf8buf, sizeof(utf8buf)/sizeof(utf8buf[0])); + LTC_SET_ASN1(types, y++, LTC_ASN1_UTF8_STRING, utf8buf, LTC_ARRAY_SIZE(utf8buf)); LTC_SET_ASN1(host, 0, LTC_ASN1_CHOICE, types, n); @@ -1344,7 +1344,7 @@ static void der_Xcode_test(void) DER_XCODE(utf8_string, wchar_string), }; - for (i = 0; i < sizeof(xcode_tests)/sizeof(xcode_tests[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(xcode_tests); ++i) { der_Xcode_run(&xcode_tests[i]); } @@ -1425,7 +1425,7 @@ static void s_der_regression_test(void) SHOULD_FAIL(der_decode_sequence_flexi(issue_507, &len, &l)); len = sizeof(utf8_length); - outlen = sizeof(wtmp)/sizeof(wtmp[0]); + outlen = LTC_ARRAY_SIZE(wtmp); DO(der_decode_utf8_string(utf8_length, len, wtmp, &outlen)); ENSURE(outlen == 2); } @@ -1544,7 +1544,7 @@ static void der_toolong_test(void) ltc_mp_deinit_multi(int1, int2, LTC_NULL); - LTC_SET_ASN1(seqoid, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, sizeof(oid)/sizeof(oid[0])); + LTC_SET_ASN1(seqoid, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, LTC_ARRAY_SIZE(oid)); LTC_SET_ASN1(seqoid, 1, LTC_ASN1_NULL, NULL, 0); LTC_SET_ASN1(seqmain, 0, LTC_ASN1_SEQUENCE, seqoid, 2); LTC_SET_ASN1(seqmain, 1, LTC_ASN1_OCTET_STRING, buf32, 32); @@ -1805,7 +1805,7 @@ int der_test(void) /* test OID */ x = sizeof(buf[0]); - DO(der_encode_object_identifier((unsigned long*)rsa_oid, sizeof(rsa_oid)/sizeof(rsa_oid[0]), buf[0], &x)); + DO(der_encode_object_identifier((unsigned long*)rsa_oid, LTC_ARRAY_SIZE(rsa_oid), buf[0], &x)); if (x != sizeof(rsa_oid_der) || memcmp(rsa_oid_der, buf[0], x)) { fprintf(stderr, "rsa_oid_der encode failed to match, %lu, ", x); for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); 
@@ -1813,9 +1813,9 @@ int der_test(void) return 1; } - y = sizeof(oid[0])/sizeof(oid[0][0]); + y = LTC_ARRAY_SIZE(oid[0]); DO(der_decode_object_identifier(buf[0], x, oid[0], &y)); - if (y != sizeof(rsa_oid)/sizeof(rsa_oid[0]) || memcmp(rsa_oid, oid[0], sizeof(rsa_oid))) { + if (y != LTC_ARRAY_SIZE(rsa_oid) || memcmp(rsa_oid, oid[0], sizeof(rsa_oid))) { fprintf(stderr, "rsa_oid_der decode failed to match, %lu, ", y); for (z = 0; z < y; z++) fprintf(stderr, "%lu ", oid[0][z]); fprintf(stderr, "\n"); @@ -1827,7 +1827,7 @@ int der_test(void) /* pick a random number of words */ ENSURE(yarrow_read(buf[0], 4, &yarrow_prng) == 4); LOAD32L(z, buf[0]); - z = 2 + (z % ((sizeof(oid[0])/sizeof(oid[0][0])) - 2)); + z = 2 + (z % (LTC_ARRAY_SIZE(oid[0]) - 2)); /* fill them in */ oid[0][0] = buf[0][0] % 3; @@ -1849,7 +1849,7 @@ int der_test(void) } /* decode it */ - y = sizeof(oid[0])/sizeof(oid[0][0]); + y = LTC_ARRAY_SIZE(oid[0]); DO(der_decode_object_identifier(buf[0], x, oid[1], &y)); if (y != z) { fprintf(stderr, "Random OID %lu test failed, decode length mismatch: %lu, %lu\n", z, x, y); diff --git a/tests/ecc_test.c b/tests/ecc_test.c index e599a5c15..b70666590 100644 --- a/tests/ecc_test.c +++ b/tests/ecc_test.c @@ -156,7 +156,7 @@ static int s_ecc_test_shamir(void) LTC_ARGCHK((C1 = ltc_ecc_new_point()) != NULL); LTC_ARGCHK((C2 = ltc_ecc_new_point()) != NULL); - for (x = 0; x < (int)(sizeof(sizes)/sizeof(sizes[0])); x++) { + for (x = 0; x < (int)LTC_ARRAY_SIZE(sizes); x++) { /* get the base point */ for (z = 0; ltc_ecc_curves[z].prime != NULL; z++) { DO(ltc_mp_read_radix(modulus, ltc_ecc_curves[z].prime, 16)); 
@@ -406,7 +406,7 @@ static int s_ecc_old_api(void) ecc_sizes(&low, &high); if (low < 14 || high < 14 || low > 100 || high > 100 || high < low) return CRYPT_FAIL_TESTVECTOR; - for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) { + for (s = 0; s < LTC_ARRAY_SIZE(sizes); s++) { /* make up two keys */ DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera)); DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb)); @@ -557,7 +557,7 @@ static int s_ecc_new_api(void) unsigned char data16[16] = { 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1 }; unsigned long len16; - for (i = 0; i < (int)(sizeof(curvenames)/sizeof(curvenames[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(curvenames); i++) { DO(ecc_find_curve(curvenames[i], &dp)); /* make new key */ DO(ecc_make_key_ex(&yarrow_prng, find_prng ("yarrow"), &key, dp)); @@ -1985,7 +1985,7 @@ static int s_ecc_test_recovery(void) ecc_free(&pubkey); #endif - for (i = 0; i < (int)(sizeof(curvenames)/sizeof(curvenames[0])); i++) { + for (i = 0; i < (int)LTC_ARRAY_SIZE(curvenames); i++) { DO(ecc_find_curve(curvenames[i], &dp)); /* generate new key */ diff --git a/tests/ed25519_test.c b/tests/ed25519_test.c index 63594a1c1..45f871db9 100644 --- a/tests/ed25519_test.c +++ b/tests/ed25519_test.c @@ -66,7 +66,7 @@ static int s_rfc_8410_10_test(void) char tmp[512]; unsigned long buflen, tmplen; password_ctx pw_ctx = { .callback = password_get }; - for (n = 0; n < sizeof(rfc_8410_10)/sizeof(rfc_8410_10[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(rfc_8410_10); ++n) { buflen = sizeof(buf); DO(base64_decode(rfc_8410_10[n].b64, XSTRLEN(rfc_8410_10[n].b64), buf, &buflen)); switch (n) { 
@@ -213,7 +213,7 @@ static int s_rfc_8032_7_1_test(void) curve25519_key key, key2; int ret; const int should = 1; - for (n = 0; n < sizeof(rfc_8032_7_1)/sizeof(rfc_8032_7_1[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(rfc_8032_7_1); ++n) { slen = sizeof(sec); DO(base16_decode(rfc_8032_7_1[n].secret_key, XSTRLEN(rfc_8032_7_1[n].secret_key), sec, &slen)); plen = sizeof(pub); @@ -316,7 +316,7 @@ static int s_rfc_8032_7_2_test(void) int ret; const int should = 1; - for (n = 0; n < sizeof(rfc_8032_7_2)/sizeof(rfc_8032_7_2[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(rfc_8032_7_2); ++n) { slen = sizeof(sec); DO(base16_decode(rfc_8032_7_2[n].secret_key, XSTRLEN(rfc_8032_7_2[n].secret_key), sec, &slen)); plen = sizeof(pub); diff --git a/tests/modes_test.c b/tests/modes_test.c index 0155e5d43..a54c7efd1 100644 --- a/tests/modes_test.c +++ b/tests/modes_test.c @@ -108,7 +108,7 @@ int modes_test(void) l = sizeof(w); \ DO(base16_decode(e . w, XSTRLEN(e . w), w, &l)); \ } while(0) - for (n = 0; n < sizeof(cfb_testvectors)/sizeof(cfb_testvectors[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(cfb_testvectors); ++n) { b16(cfb_testvectors[n], key); b16(cfb_testvectors[n], iv); b16(cfb_testvectors[n], pt); diff --git a/tests/padding_test.c b/tests/padding_test.c index b111cc848..9cc9add4a 100644 --- a/tests/padding_test.c +++ b/tests/padding_test.c @@ -188,11 +188,11 @@ int padding_test(void) unsigned char buf[256 + 16]; unsigned long l; - for (i = 0; i < sizeof(cases)/sizeof(cases[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(cases); ++i) { DOX(s_padding_testrun(&cases[i]), cases[i].name); } - for (i = 0; i < sizeof(tv)/sizeof(tv[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(tv); ++i) { XMEMCPY(buf, tv[i].data, sizeof(tv[i].data)); l = sizeof(tv[i].data); DO(padding_depad(buf, &l, tv[i].mode)); diff --git a/tests/pkcs_1_eme_test.c b/tests/pkcs_1_eme_test.c index 2e0fc61c4..ca540360b 100644 --- a/tests/pkcs_1_eme_test.c +++ b/tests/pkcs_1_eme_test.c 
@@ -21,7 +21,7 @@ int pkcs_1_eme_test(void) DO(prng_is_valid(prng_idx)); DO(hash_is_valid(hash_idx)); - for (i = 0; i < sizeof(testcases_eme)/sizeof(testcases_eme[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(testcases_eme); ++i) { testcase_t* t = &testcases_eme[i]; rsa_key k, *key = &k; DOX(ltc_mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, @@ -37,7 +37,7 @@ int pkcs_1_eme_test(void) DOX(ltc_mp_read_unsigned_bin(key->p, t->rsa.p, t->rsa.p_l), t->name); key->type = PK_PRIVATE; - for (j = 0; j < sizeof(t->data)/sizeof(t->data[0]); ++j) { + for (j = 0; j < LTC_ARRAY_SIZE(t->data); ++j) { rsaData_t* s = &t->data[j]; unsigned char buf[256], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); diff --git a/tests/pkcs_1_emsa_test.c b/tests/pkcs_1_emsa_test.c index 405138a69..ba66f079a 100644 --- a/tests/pkcs_1_emsa_test.c +++ b/tests/pkcs_1_emsa_test.c @@ -18,7 +18,7 @@ int pkcs_1_emsa_test(void) DO(hash_is_valid(hash_idx)); - for (i = 0; i < sizeof(testcases_emsa)/sizeof(testcases_emsa[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(testcases_emsa); ++i) { testcase_t* t = &testcases_emsa[i]; rsa_key k, *key = &k; DOX(ltc_mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, @@ -34,7 +34,7 @@ int pkcs_1_emsa_test(void) DOX(ltc_mp_read_unsigned_bin(key->p, t->rsa.p, t->rsa.p_l), t->name); key->type = PK_PRIVATE; - for (j = 0; j < sizeof(t->data)/sizeof(t->data[0]); ++j) { + for (j = 0; j < LTC_ARRAY_SIZE(t->data); ++j) { rsaData_t* s = &t->data[j]; unsigned char buf[20], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); diff --git a/tests/pkcs_1_oaep_test.c b/tests/pkcs_1_oaep_test.c index b0d484bb0..1cb6ca128 100644 --- a/tests/pkcs_1_oaep_test.c +++ b/tests/pkcs_1_oaep_test.c 
@@ -21,7 +21,7 @@ int pkcs_1_oaep_test(void) DO(prng_is_valid(prng_idx)); DO(hash_is_valid(hash_idx)); - for (i = 0; i < sizeof(testcases_oaep)/sizeof(testcases_oaep[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(testcases_oaep); ++i) { testcase_t* t = &testcases_oaep[i]; rsa_key k, *key = &k; DOX(ltc_mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, @@ -37,7 +37,7 @@ int pkcs_1_oaep_test(void) DOX(ltc_mp_read_unsigned_bin(key->p, t->rsa.p, t->rsa.p_l), t->name); key->type = PK_PRIVATE; - for (j = 0; j < sizeof(t->data)/sizeof(t->data[0]); ++j) { + for (j = 0; j < LTC_ARRAY_SIZE(t->data); ++j) { rsaData_t* s = &t->data[j]; unsigned char buf[256], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); diff --git a/tests/pkcs_1_pss_test.c b/tests/pkcs_1_pss_test.c index cea2a1a6a..a62e53ff0 100644 --- a/tests/pkcs_1_pss_test.c +++ b/tests/pkcs_1_pss_test.c @@ -21,7 +21,7 @@ int pkcs_1_pss_test(void) DO(prng_is_valid(prng_idx)); DO(hash_is_valid(hash_idx)); - for (i = 0; i < sizeof(testcases_pss)/sizeof(testcases_pss[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(testcases_pss); ++i) { testcase_t* t = &testcases_pss[i]; rsa_key k, *key = &k; DOX(ltc_mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, @@ -37,7 +37,7 @@ int pkcs_1_pss_test(void) DOX(ltc_mp_read_unsigned_bin(key->p, t->rsa.p, t->rsa.p_l), t->name); key->type = PK_PRIVATE; - for (j = 0; j < sizeof(t->data)/sizeof(t->data[0]); ++j) { + for (j = 0; j < LTC_ARRAY_SIZE(t->data); ++j) { rsaData_t* s = &t->data[j]; unsigned char buf[20], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); diff --git a/tests/test.c b/tests/test.c index 6fe789853..836720c63 100644 --- a/tests/test.c +++ b/tests/test.c 
@@ -356,7 +356,7 @@ int main(int argc, char **argv) } #ifdef LTC_PTHREAD - tinfo = XCALLOC(sizeof(test_functions)/sizeof(test_functions[0]), sizeof(thread_info)); + tinfo = XCALLOC(LTC_ARRAY_SIZE(test_functions), sizeof(thread_info)); if (tinfo == NULL) { printf("\n\nFAILURE: XCALLOC\n"); return EXIT_FAILURE; @@ -385,7 +385,7 @@ int main(int argc, char **argv) if (argc > 1) single_test = argv[1]; dur = epoch_usec(); - for (i = 0; i < sizeof(test_functions)/sizeof(test_functions[0]); ++i) { + for (i = 0; i < LTC_ARRAY_SIZE(test_functions); ++i) { if (single_test && strstr(test_functions[i].name, single_test) == NULL) { continue; } diff --git a/tests/x25519_test.c b/tests/x25519_test.c index f8b3a7c74..8578fe3b8 100644 --- a/tests/x25519_test.c +++ b/tests/x25519_test.c @@ -49,7 +49,7 @@ static int s_rfc_7748_5_2_test(void) unsigned char out[32]; unsigned long n; - for (n = 0; n < sizeof(rfc_7748_5_2)/sizeof(rfc_7748_5_2[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(rfc_7748_5_2); ++n) { tweetnacl_crypto_scalarmult(out, rfc_7748_5_2[n].scalar, rfc_7748_5_2[n].u_in); if (compare_testvector(out, sizeof(out), rfc_7748_5_2[n].u_out, sizeof(rfc_7748_5_2[n].u_out), "x25519 RFC 7748 Ch. 5.2", n) != 0) { return CRYPT_FAIL_TESTVECTOR; @@ -130,7 +130,7 @@ static int s_rfc_8410_10_test(void) curve25519_key key; unsigned char buf[1024]; unsigned long buflen; - for (n = 0; n < sizeof(rfc_8410_10)/sizeof(rfc_8410_10[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(rfc_8410_10); ++n) { buflen = sizeof(buf); DO(base64_decode(rfc_8410_10[n].b64, XSTRLEN(rfc_8410_10[n].b64), buf, &buflen)); DO(x25519_import_x509(buf, buflen, &key)); 
@@ -170,7 +170,7 @@ static int s_x25519_pkcs8_test(void) unsigned char buf[1024]; unsigned long buflen; password_ctx *p_pw_ctx, pw_ctx = { .callback = password_get }; - for (n = 0; n < sizeof(s_x25519_pkcs8)/sizeof(s_x25519_pkcs8[0]); ++n) { + for (n = 0; n < LTC_ARRAY_SIZE(s_x25519_pkcs8); ++n) { buflen = sizeof(buf); DO(base64_decode(s_x25519_pkcs8[n].b64, XSTRLEN(s_x25519_pkcs8[n].b64), buf, &buflen)); pw_ctx.userdata = (void*)s_x25519_pkcs8[n].pass; From 07d544c5d9a4ef02acd0c3ae97436d3318a32408 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 16 Aug 2025 14:50:46 +0200 Subject: [PATCH 09/19] Add tests for & fix `pk_oid` API Signed-off-by: Steffen Jaeckel --- src/pk/asn1/oid/pk_oid_str.c | 75 +++++++++++++++++++++++------------- tests/misc_test.c | 1 + tests/pk_oid_test.c | 41 ++++++++++++++++++++ tests/tomcrypt_test.h | 1 + 4 files changed, 92 insertions(+), 26 deletions(-) create mode 100644 tests/pk_oid_test.c diff --git a/src/pk/asn1/oid/pk_oid_str.c b/src/pk/asn1/oid/pk_oid_str.c index f670cd063..33459f637 100644 --- a/src/pk/asn1/oid/pk_oid_str.c +++ b/src/pk/asn1/oid/pk_oid_str.c @@ -6,20 +6,18 @@ int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen) { unsigned long i, j, limit, oid_j; - size_t OID_len; LTC_ARGCHK(oidlen != NULL); limit = *oidlen; *oidlen = 0; /* make sure that we return zero oidlen on error */ - for (i = 0; i < limit; i++) oid[i] = 0; - + if (oid != NULL) { + XMEMSET(oid, 0, sizeof(*oid) * limit); + } if (OID == NULL) return CRYPT_OK; + if (OID[0] == '\0') return CRYPT_OK; - OID_len = XSTRLEN(OID); - if (OID_len == 0) return CRYPT_OK; - - for (i = 0, j = 0; i < OID_len; i++) { + for (i = 0, j = 0; OID[i] != '\0'; i++) { if (OID[i] == '.') { if (++j >= limit) continue; } 
@@ -34,49 +32,74 @@ int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen } } if (j == 0) return CRYPT_ERROR; - if (j >= limit) { - *oidlen = j; + *oidlen = j + 1; + if (j >= limit || oid == NULL) { return CRYPT_BUFFER_OVERFLOW; } - *oidlen = j + 1; return CRYPT_OK; } +typedef struct num_to_str { + int err; + char *wr; + unsigned long max_len, res_len; +} num_to_str; + +static LTC_INLINE void s_wr(char c, num_to_str *w) +{ + if (w->res_len == ULONG_MAX) { + w->err = CRYPT_OVERFLOW; + return; + } + w->res_len++; + if (w->res_len > w->max_len) w->wr = NULL; + if (w->wr) w->wr[w->max_len - w->res_len] = c; +} + int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen) { int i; - unsigned long j, k; - char tmp[LTC_OID_MAX_STRLEN] = { 0 }; + num_to_str w; + unsigned long j; LTC_ARGCHK(oid != NULL); LTC_ARGCHK(oidlen < INT_MAX); LTC_ARGCHK(outlen != NULL); - for (i = oidlen - 1, k = 0; i >= 0; i--) { + if (OID == NULL || *outlen == 0) { + w.max_len = ULONG_MAX; + w.wr = NULL; + } else { + w.max_len = *outlen; + w.wr = OID; + } + w.res_len = 0; + w.err = CRYPT_OK; + + s_wr('\0', &w); + for (i = oidlen; i --> 0;) { j = oid[i]; if (j == 0) { - tmp[k] = '0'; - if (++k >= sizeof(tmp)) return CRYPT_ERROR; - } - else { + s_wr('0', &w); + } else { while (j > 0) { - tmp[k] = '0' + (j % 10); - if (++k >= sizeof(tmp)) return CRYPT_ERROR; + s_wr('0' + (j % 10), &w); j /= 10; } } if (i > 0) { - tmp[k] = '.'; - if (++k >= sizeof(tmp)) return CRYPT_ERROR; + s_wr('.', &w); } } - if (*outlen < k + 1) { - *outlen = k + 1; + if (w.err != CRYPT_OK) { + return w.err; + } + if (*outlen < w.res_len || OID == NULL) { + *outlen = w.res_len; return CRYPT_BUFFER_OVERFLOW; } LTC_ARGCHK(OID != NULL); - for (j = 0; j < k; j++) OID[j] = tmp[k - j - 1]; - OID[k] = '\0'; - *outlen = k; /* the length without terminating NUL byte */ + XMEMMOVE(OID, OID + (w.max_len - w.res_len), w.res_len); + *outlen = w.res_len; return CRYPT_OK; } 
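Review bot: On success `pk_oid_num_to_str` now stores `w.res_len` in `*outlen`, which counts the terminating NUL, whereas the removed line stored `k` with the comment "the length without terminating NUL byte"; the new test in tests/pk_oid_test.c pins 10 for the 9-character string "1.2.3.4.5". Callers are outside this hunk, so any that treat `*outlen` as a string length would now be off by one. If the new contract is intended, state it at the assignment, e.g. `*outlen = w.res_len; /* length including the terminating NUL byte */`; otherwise `*outlen = w.res_len - 1;` keeps the old one. The `LTC_ARGCHK(OID != NULL);` after the `|| OID == NULL` overflow return can no longer fire and could be dropped.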
diff --git a/tests/misc_test.c b/tests/misc_test.c index cf5cd2172..5a60ff236 100644 --- a/tests/misc_test.c +++ b/tests/misc_test.c @@ -34,6 +34,7 @@ int misc_test(void) #ifdef LTC_SSH ssh_test(); #endif + pk_oid_test(); no_null_termination_check_test(); return 0; } diff --git a/tests/pk_oid_test.c b/tests/pk_oid_test.c new file mode 100644 index 000000000..d5632a58d --- /dev/null +++ b/tests/pk_oid_test.c @@ -0,0 +1,41 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ +/* SPDX-License-Identifier: Unlicense */ + +#include + +int pk_oid_test(void) +{ + const char *oid_str = "1.2.3.4.5"; + const unsigned long oid_ul[] = { 1, 2, 3, 4, 5 }; + char str[16]; + unsigned long buf[6], num = LTC_ARRAY_SIZE(oid_ul), strlen = sizeof(str), should_size = 0; + + SHOULD_FAIL_WITH(pk_oid_str_to_num(oid_str, NULL, &should_size), CRYPT_BUFFER_OVERFLOW); + ENSURE(should_size == 5); + + DO(pk_oid_str_to_num(oid_str, buf, &num)); + ENSURE(num == 5); + + should_size = 1; + SHOULD_FAIL_WITH(pk_oid_num_to_str(oid_ul, 5, str, &should_size), CRYPT_BUFFER_OVERFLOW); + ENSURE(should_size == 10); + should_size = 1; + SHOULD_FAIL_WITH(pk_oid_num_to_str(oid_ul, 5, NULL, &should_size), CRYPT_BUFFER_OVERFLOW); + ENSURE(should_size == 10); + should_size = 16; + SHOULD_FAIL_WITH(pk_oid_num_to_str(oid_ul, 5, NULL, &should_size), CRYPT_BUFFER_OVERFLOW); + ENSURE(should_size == 10); + + XMEMSET(str, 'a', sizeof(str)); + DO(pk_oid_num_to_str(oid_ul, 5, str, &strlen)); + ENSURE(strlen == 10); + ENSURE(XMEMCMP(str, oid_str, strlen) == 0); + + XMEMSET(str, 'a', sizeof(str)); + strlen = 10; + DO(pk_oid_num_to_str(oid_ul, 5, str, &strlen)); + ENSURE(strlen == 10); + ENSURE(XMEMCMP(str, oid_str, strlen) == 0); + + return 0; +} diff --git a/tests/tomcrypt_test.h b/tests/tomcrypt_test.h index 8d9b84710..c2a582e7d 100644 --- a/tests/tomcrypt_test.h +++ b/tests/tomcrypt_test.h 
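Review bot: The `pk_oid_str_to_num(oid_str, buf, &num)` call in `pk_oid_test` is checked only for `num == 5`; the decoded words in `buf` are never compared with `oid_ul`, so a wrong digit accumulation would still pass. Adding `ENSURE(XMEMCMP(buf, oid_ul, sizeof(oid_ul)) == 0);` after `ENSURE(num == 5);` closes that gap. The local variable `strlen` also shadows the standard library function of that name; a name such as `str_len` avoids the shadowing warning and reads more clearly.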
@@ -44,6 +44,7 @@ int ed25519_test(void); int ssh_test(void); int bcrypt_test(void); int no_null_termination_check_test(void); +int pk_oid_test(void); #ifdef LTC_PKCS_1 struct ltc_prng_descriptor* no_prng_desc_get(void); From 78bb06c8d61b0952c3fe47ee365126a4ef1e5a1f Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 16 Aug 2025 14:59:11 +0200 Subject: [PATCH 10/19] Minor cleanup Signed-off-by: Steffen Jaeckel --- .../der/sequence/der_decode_sequence_flexi.c | 38 ++++++++------ src/pk/ecc/ecc_ssh_ecdsa_encode_name.c | 2 +- tests/der_test.c | 50 +++++++++---------- 3 files changed, 47 insertions(+), 43 deletions(-) diff --git a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c index b6ff36600..ada1bd67a 100644 --- a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c +++ b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c @@ -27,6 +27,22 @@ static int s_new_element(ltc_asn1_list **l) } return CRYPT_OK; } +#if defined(LTC_TEST_DBG) +void s_print_err(const char *errstr, ltc_asn1_list *l, int err, unsigned long identifier, unsigned long data_offset, unsigned long len) +{ +#if LTC_TEST_DBG <= 1 + if (err == CRYPT_OK) + return; +#endif + if (l->type == LTC_ASN1_CUSTOM_TYPE) { + fprintf(stderr, "%s %02lx: hl=%4lu l=%4lu - %s[%s %llu] (%s)\n", errstr, identifier, data_offset, len, der_asn1_class_to_string_map[l->klass], der_asn1_pc_to_string_map[l->pc], l->tag, error_to_string(err)); + } else { + fprintf(stderr, "%s %02lx: hl=%4lu l=%4lu - %s (%s)\n", errstr, identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag], error_to_string(err)); + } +} +#else +#define s_print_err(errstr, l, err, identifier, data_offset, len) LTC_UNUSED_PARAM(data_offset) +#endif /** ASN.1 DER Flexi(ble) decoder will decode arbitrary DER packets and create a linked list of the decoded elements. 
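Review bot: `s_print_err` is defined without `static` in the `LTC_TEST_DBG` branch, so a debug build exports a symbol that carries the file-local `s_` prefix used by `static int s_new_element` just above; `static void s_print_err(const char *errstr, ltc_asn1_list *l, ...)` keeps it private to this translation unit. The helper also indexes `der_asn1_class_to_string_map[l->klass]`, `der_asn1_pc_to_string_map[l->pc]` and `der_asn1_tag_to_string_map[l->tag]` with fields of the element being decoded. The table sizes are not visible here, so it is worth confirming each index is bounded before the lookup, since the helper now runs on the E1/E2 error paths as well.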
@@ -39,7 +55,8 @@ static int s_new_element(ltc_asn1_list **l) static int s_der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out, unsigned long depth) { ltc_asn1_list *l; - unsigned long err, identifier, len, totlen, data_offset, id_len, len_len; + int err; + unsigned long identifier, len, totlen, data_offset, id_len, len_len; void *realloc_tmp; LTC_ARGCHK(in != NULL); @@ -73,30 +90,19 @@ static int s_der_decode_sequence_flexi(const unsigned char *in, unsigned long *i if (l->type != LTC_ASN1_EOL) { /* fetch length */ len_len = *inlen - id_len; -#if defined(LTC_TEST_DBG) + /* init with dummy values for error cases */ data_offset = 666; len = 0; -#endif if ((err = der_decode_asn1_length(&in[id_len], &len_len, &len)) != CRYPT_OK) { -#if defined(LTC_TEST_DBG) - fprintf(stderr, "E1 %02lx: hl=%4lu l=%4lu - %s (%s)\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag], error_to_string(err)); -#endif + s_print_err("E1", l, err, identifier, data_offset, len); goto error; } else if (len > (*inlen - id_len - len_len)) { err = CRYPT_INVALID_PACKET; -#if defined(LTC_TEST_DBG) - fprintf(stderr, "E2 %02lx: hl=%4lu l=%4lu - %s (%s)\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag], error_to_string(err)); -#endif + s_print_err("E2", l, err, identifier, data_offset, len); goto error; } data_offset = id_len + len_len; -#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1 - if (l->type == LTC_ASN1_CUSTOM_TYPE && l->klass == LTC_ASN1_CL_CONTEXT_SPECIFIC) { - fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - Context Specific[%s %llu]\n", identifier, data_offset, len, der_asn1_pc_to_string_map[l->pc], l->tag); - } else { - fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - %s\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag]); - } -#endif + s_print_err("OK", l, err, identifier, data_offset, len); len += data_offset; if (l->type == LTC_ASN1_CUSTOM_TYPE) { 
diff --git a/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c b/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c index 4b8d55428..f10a2c683 100644 --- a/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c +++ b/src/pk/ecc/ecc_ssh_ecdsa_encode_name.c @@ -19,7 +19,7 @@ */ int ecc_ssh_ecdsa_encode_name(char *buffer, unsigned long *buflen, const ecc_key *key) { - char oidstr[64] = {0}; + char oidstr[LTC_OID_MAX_STRLEN] = {0}; unsigned long oidlen = sizeof(oidstr); int err, size = 0; diff --git a/tests/der_test.c b/tests/der_test.c index bf7311def..a7dee0a2b 100644 --- a/tests/der_test.c +++ b/tests/der_test.c @@ -691,32 +691,6 @@ static void der_set_test(void) } - -/* we are encoding - - SEQUENCE { - PRINTABLE "printable" - IA5 "ia5" - SEQUENCE { - INTEGER 12345678 - UTCTIME { 91, 5, 6, 16, 45, 40, 1, 7, 0 } - GENERALIZEDTIME { 2017, 03, 21, 10, 21, 12, 4, 1, 2, 0 } - SEQUENCE { - OCTET STRING { 1, 2, 3, 4 } - BIT STRING { 1, 0, 0, 1 } - SEQUENCE { - OID { 1, 2, 840, 113549 } - NULL - SET OF { - PRINTABLE "333" -- WILL GET SORTED - PRINTABLE "222" - } - } - } - } - -*/ - static void s_der_oid_test(void) { static const unsigned char oid_x690_8_19_5_example[] = { 0x06, 0x03, 0x88, 0x37, 0x03 }; @@ -745,6 +719,30 @@ static void s_der_oid_test(void) SHOULD_FAIL(der_length_object_identifier(oid, 3, &len)); } +/* we are encoding + + SEQUENCE { + PRINTABLE "printable" + IA5 "ia5" + SEQUENCE { + INTEGER 12345678 + UTCTIME { 91, 5, 6, 16, 45, 40, 1, 7, 0 } + GENERALIZEDTIME { 2017, 03, 21, 10, 21, 12, 4, 1, 2, 0 } + SEQUENCE { + OCTET STRING { 1, 2, 3, 4 } + BIT STRING { 1, 0, 0, 1 } + SEQUENCE { + OID { 1, 2, 840, 113549 } + NULL + SET OF { + PRINTABLE "333" -- WILL GET SORTED + PRINTABLE "222" + } + } + } + } + +*/ static void der_flexi_test(void) { static const char printable_str[] = "printable"; From c00b0061748bfe47d80c95193b8228acdfc2f931 Mon Sep 17 00:00:00 2001 
From: Steffen Jaeckel Date: Tue, 2 Sep 2025 13:40:43 +0200 Subject: [PATCH 11/19] Make `pem_read()` ignore all junk before a real PEM header is found Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_private.h | 1 + src/misc/pem/pem_read.c | 63 +++++++++++++++++++++++----------- 2 files changed, 44 insertions(+), 20 deletions(-) diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index a9723f4b2..864f63ab2 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -363,6 +363,7 @@ struct get_char { } data; struct str unget_buf; char unget_buf_[LTC_PEM_DECODE_BUFSZ]; + int prev_get; }; #endif diff --git a/src/misc/pem/pem_read.c b/src/misc/pem/pem_read.c index bef454433..abefff924 100644 --- a/src/misc/pem/pem_read.c +++ b/src/misc/pem/pem_read.c @@ -62,10 +62,10 @@ static void s_tts(char *buf, unsigned long *buflen) } } -static char* s_get_line(char *buf, unsigned long *buflen, struct get_char *g) +static char* s_get_line_i(char *buf, unsigned long *buflen, struct get_char *g, int search_for_start) { - unsigned long blen = 0; - int c = -1, c_; + unsigned long blen = 0, wr = 0; + int c_; if (g->unget_buf.p) { if (*buflen < g->unget_buf.len) { return NULL; 
@@ -75,30 +75,44 @@ static char* s_get_line(char *buf, unsigned long *buflen, struct get_char *g) RESET_STR(g->unget_buf); return buf; } - while(blen < *buflen) { - c_ = c; - c = g->get(g); - if (c == '\n') { - buf[blen] = '\0'; + if (g->prev_get == -1) { + return NULL; + } + while(blen < *buflen || search_for_start) { + wr = blen < *buflen ? blen : *buflen - 1; + c_ = g->prev_get; + g->prev_get = g->get(g); + if (g->prev_get == '\n') { + buf[wr] = '\0'; if (c_ == '\r') { - buf[--blen] = '\0'; + buf[--wr] = '\0'; } - s_tts(buf, &blen); - *buflen = blen; + s_tts(buf, &wr); + *buflen = wr; return buf; } - if (c == -1 || c == '\0') { - buf[blen] = '\0'; - s_tts(buf, &blen); - *buflen = blen; + if (g->prev_get == -1 || g->prev_get == '\0') { + buf[wr] = '\0'; + s_tts(buf, &wr); + *buflen = wr; return buf; } - buf[blen] = c; + buf[wr] = g->prev_get; blen++; } return NULL; } +LTC_INLINE static char* s_get_first_line(char *buf, unsigned long *buflen, struct get_char *g) +{ + return s_get_line_i(buf, buflen, g, 1); +} + +LTC_INLINE static char* s_get_line(char *buf, unsigned long *buflen, struct get_char *g) +{ + return s_get_line_i(buf, buflen, g, 0); +} + static LTC_INLINE int s_fits_buf(void *dest, unsigned long to_write, void *end) { unsigned char *d = dest; 
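Review bot: In `s_get_line_i` the CR strip `buf[--wr] = '\0';` runs whenever the previous character was '\r', and that character now comes from `g->prev_get`, which persists across calls instead of starting at -1 as the old local `c` did. If a call ever begins with `g->prev_get == '\r'` and reads '\n' first, `wr` is 0 and the decrement wraps, so the store lands in front of `buf`. Whether callers can reach that state (for example by calling again after a NULL return on an over-long line) is not visible in this hunk. Guarding the strip costs nothing: `if (c_ == '\r' && wr > 0) {`.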
@@ -181,15 +195,24 @@ int pem_read(void *asn1_cert, unsigned long *asn1_len, struct pem_headers *hdr, char buf[LTC_PEM_DECODE_BUFSZ]; char *wpem = asn1_cert; char *end = wpem + *asn1_len; + const char pem_start[] = "----"; unsigned long slen, linelen; int err, hdr_ok = 0; int would_overflow = 0; unsigned char empty_lines = 0; - linelen = sizeof(buf); - if (s_get_line(buf, &linelen, g) == NULL) { - return CRYPT_INVALID_PACKET; - } + g->prev_get = 0; + do { + linelen = sizeof(buf); + if (s_get_first_line(buf, &linelen, g) == NULL) { + if (g->prev_get == -1) + return CRYPT_NOP; + else + return CRYPT_INVALID_PACKET; + } + if (linelen < sizeof(pem_start) - 1) + continue; + } while(XMEMCMP(buf, pem_start, sizeof(pem_start) - 1) != 0); if (hdr->id->start.len != linelen || XMEMCMP(buf, hdr->id->start.p, hdr->id->start.len)) { s_unget_line(buf, linelen, g); return CRYPT_UNKNOWN_PEM; From 18b4e3f2ef057ff4cfcc377a44165a7c187d6b92 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 2 Sep 2025 13:47:42 +0200 Subject: [PATCH 12/19] Handle long OID nodes. This will behave differently on 32bit architectures, but since 32bit is mostly dead and I don't see a way how to handle this w/o breaking ABI&API, I guess we have to live with it. Signed-off-by: Steffen Jaeckel --- .../asn1/der/object_identifier/der_encode_object_identifier.c | 2 +- .../asn1/der/object_identifier/der_length_object_identifier.c | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c index 9a9c62d9e..3c52edcf2 100644 --- a/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c +++ b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c 
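Review bot: The `continue` under `if (linelen < sizeof(pem_start) - 1)` does not skip the comparison: in a do/while, `continue` jumps to the controlling expression, so `XMEMCMP(buf, pem_start, sizeof(pem_start) - 1)` still reads four bytes of `buf` for a shorter line, including bytes past the end of the line that may never have been written. Assuming the line is NUL-terminated at `linelen`, the result is still a mismatch, but memory checkers can flag the read and the intent is hidden. Folding the length test into the condition states it directly: `} while (linelen < sizeof(pem_start) - 1 || XMEMCMP(buf, pem_start, sizeof(pem_start) - 1) != 0);`. pem_read's body continues outside the hunk.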
@@ -59,7 +59,7 @@ int der_encode_object_identifier(const unsigned long *words, unsigned long nwor wordbuf = words[0] * 40 + words[1]; for (i = 1; i < nwords; i++) { /* store 7 bit words in little endian */ - t = wordbuf & 0xFFFFFFFF; + t = wordbuf; if (t) { y = x; mask = 0; diff --git a/src/pk/asn1/der/object_identifier/der_length_object_identifier.c b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c index d9ded0295..c81694391 100644 --- a/src/pk/asn1/der/object_identifier/der_length_object_identifier.c +++ b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c @@ -12,7 +12,6 @@ unsigned long der_object_identifier_bits(unsigned long x) { unsigned long c; - x &= 0xFFFFFFFF; c = 0; while (x) { ++c; From bb389e2c998fc164f7c95cc514ebf9a6553106e0 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 3 Sep 2025 08:30:02 +0200 Subject: [PATCH 13/19] Make some DER helpers private Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_pk.h | 8 -------- src/headers/tomcrypt_private.h | 10 ++++++++++ 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h index e3e8157a6..c4a201793 100644 --- a/src/headers/tomcrypt_pk.h +++ b/src/headers/tomcrypt_pk.h @@ -844,7 +844,6 @@ int der_encode_object_identifier(const unsigned long *words, unsigned long nwor int der_decode_object_identifier(const unsigned char *in, unsigned long inlen, unsigned long *words, unsigned long *outlen); int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen); -unsigned long der_object_identifier_bits(unsigned long x); /* IA5 STRING */ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen, 
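Review bot: The context line `wordbuf = words[0] * 40 + words[1];` can wrap silently once nodes are handled at full `unsigned long` width, e.g. when the first node is 2 and the second lies within 80 of ULONG_MAX; any range check is outside this hunk. A guard such as `if (words[1] > ULONG_MAX - words[0] * 40) return CRYPT_OVERFLOW;` before the sum would turn that into an error. The commit also adds no test vector with a node above 0xFFFFFFFF, so the widened path here and in `der_object_identifier_bits` (second file of this commit) is unexercised, and whether `der_decode_object_identifier` accepts the longer encoding is not visible. An encode/decode round trip for such a node in tests/der_test.c would pin the new behaviour.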
@@ -853,9 +852,6 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen); -int der_ia5_char_encode(int c); -int der_ia5_value_decode(int v); - /* TELETEX STRING */ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); @@ -868,9 +864,6 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); int der_length_printable_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen); -int der_printable_char_encode(int c); -int der_printable_value_decode(int v); - /* UTF-8 */ #if (defined(SIZE_MAX) || __STDC_VERSION__ >= 199901L || defined(WCHAR_MAX) || defined(__WCHAR_MAX__) || defined(_WCHAR_T) || defined(_WCHAR_T_DEFINED) || defined (__WCHAR_TYPE__)) && !defined(LTC_NO_WCHAR) #if defined(__WCHAR_MAX__) @@ -890,7 +883,6 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, int der_decode_utf8_string(const unsigned char *in, unsigned long inlen, wchar_t *out, unsigned long *outlen); -unsigned long der_utf8_charsize(const wchar_t c); int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen); diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 864f63ab2..8127f4e85 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h 
@@ -588,6 +588,16 @@ int der_length_asn1_length(unsigned long len, unsigned long *outlen); int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen, unsigned long *payloadlen); +unsigned long der_object_identifier_bits(unsigned long x); + +int der_ia5_char_encode(int c); +int der_ia5_value_decode(int v); + +int der_printable_char_encode(int c); +int der_printable_value_decode(int v); + +unsigned long der_utf8_charsize(const wchar_t c); + typedef struct { ltc_asn1_type t; ltc_asn1_list **pp; From 1978245572451cad38eb75e5d9e2738440e8e4b6 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 5 Sep 2025 10:34:49 +0200 Subject: [PATCH 14/19] Update makefiles --- makefile.mingw | 7 ++++--- makefile.msvc | 7 ++++--- makefile.unix | 7 ++++--- makefile_include.mk | 7 ++++--- tests/sources.cmake | 1 + 5 files changed, 17 insertions(+), 12 deletions(-) diff --git a/makefile.mingw b/makefile.mingw index 01c39cf11..693f495a8 100644 --- a/makefile.mingw +++ b/makefile.mingw 
@@ -236,9 +236,10 @@ TOBJECTS=tests/base16_test.o tests/base32_test.o tests/base64_test.o tests/bcryp tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o tests/dsa_test.o \ tests/ecc_test.o tests/ed25519_test.o tests/file_test.o tests/mac_test.o tests/misc_test.o \ tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_null_termination_check_test.o \ -tests/no_prng.o tests/padding_test.o tests/pem_test.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \ -tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \ -tests/rotate_test.o tests/rsa_test.o tests/ssh_test.o tests/store_test.o tests/test.o tests/x25519_test.o +tests/no_prng.o tests/padding_test.o tests/pem_test.o tests/pk_oid_test.o tests/pkcs_1_eme_test.o \ +tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \ +tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/ssh_test.o tests/store_test.o tests/test.o \ +tests/x25519_test.o #The following headers will be installed by "make install" HEADERS_PUB=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \ diff --git a/makefile.msvc b/makefile.msvc index 6a20625db..9060c352a 100644 --- a/makefile.msvc +++ b/makefile.msvc 
@@ -229,9 +229,10 @@ TOBJECTS=tests/base16_test.obj tests/base32_test.obj tests/base64_test.obj tests tests/cipher_hash_test.obj tests/common.obj tests/der_test.obj tests/dh_test.obj tests/dsa_test.obj \ tests/ecc_test.obj tests/ed25519_test.obj tests/file_test.obj tests/mac_test.obj tests/misc_test.obj \ tests/modes_test.obj tests/mpi_test.obj tests/multi_test.obj tests/no_null_termination_check_test.obj \ -tests/no_prng.obj tests/padding_test.obj tests/pem_test.obj tests/pkcs_1_eme_test.obj tests/pkcs_1_emsa_test.obj \ -tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj tests/prng_test.obj \ -tests/rotate_test.obj tests/rsa_test.obj tests/ssh_test.obj tests/store_test.obj tests/test.obj tests/x25519_test.obj +tests/no_prng.obj tests/padding_test.obj tests/pem_test.obj tests/pk_oid_test.obj tests/pkcs_1_eme_test.obj \ +tests/pkcs_1_emsa_test.obj tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj \ +tests/prng_test.obj tests/rotate_test.obj tests/rsa_test.obj tests/ssh_test.obj tests/store_test.obj tests/test.obj \ +tests/x25519_test.obj #The following headers will be installed by "make install" HEADERS_PUB=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \ diff --git a/makefile.unix b/makefile.unix index 2a8a39423..d4db3cd85 100644 --- a/makefile.unix +++ b/makefile.unix 
@@ -250,9 +250,10 @@ TOBJECTS=tests/base16_test.o tests/base32_test.o tests/base64_test.o tests/bcryp tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o tests/dsa_test.o \ tests/ecc_test.o tests/ed25519_test.o tests/file_test.o tests/mac_test.o tests/misc_test.o \ tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_null_termination_check_test.o \ -tests/no_prng.o tests/padding_test.o tests/pem_test.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \ -tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \ -tests/rotate_test.o tests/rsa_test.o tests/ssh_test.o tests/store_test.o tests/test.o tests/x25519_test.o +tests/no_prng.o tests/padding_test.o tests/pem_test.o tests/pk_oid_test.o tests/pkcs_1_eme_test.o \ +tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \ +tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/ssh_test.o tests/store_test.o tests/test.o \ +tests/x25519_test.o #The following headers will be installed by "make install" HEADERS_PUB=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \ diff --git a/makefile_include.mk b/makefile_include.mk index a9f74a8de..386ce2160 100644 --- a/makefile_include.mk +++ b/makefile_include.mk 
@@ -420,9 +420,10 @@ TOBJECTS=tests/base16_test.o tests/base32_test.o tests/base64_test.o tests/bcryp tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o tests/dsa_test.o \ tests/ecc_test.o tests/ed25519_test.o tests/file_test.o tests/mac_test.o tests/misc_test.o \ tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_null_termination_check_test.o \ -tests/no_prng.o tests/padding_test.o tests/pem_test.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \ -tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \ -tests/rotate_test.o tests/rsa_test.o tests/ssh_test.o tests/store_test.o tests/test.o tests/x25519_test.o +tests/no_prng.o tests/padding_test.o tests/pem_test.o tests/pk_oid_test.o tests/pkcs_1_eme_test.o \ +tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \ +tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/ssh_test.o tests/store_test.o tests/test.o \ +tests/x25519_test.o # The following headers will be installed by "make install" HEADERS_PUB=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \ diff --git a/tests/sources.cmake b/tests/sources.cmake index b384305b0..590607aa4 100644 --- a/tests/sources.cmake +++ b/tests/sources.cmake @@ -20,6 +20,7 @@ no_null_termination_check_test.c no_prng.c padding_test.c pem_test.c +pk_oid_test.c pkcs_1_eme_test.c pkcs_1_emsa_test.c pkcs_1_oaep_test.c From fe8e4bf547935da31f24fe1bc76f1444e6ea694d Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 5 Sep 2025 16:57:34 +0200 Subject: [PATCH 15/19] Use more builtin functions if available Signed-off-by: Steffen Jaeckel --- src/encauth/ocb/ocb_ntz.c | 6 ++++++ src/encauth/ocb3/ocb3_int_ntz.c | 6 ++++++ src/headers/tomcrypt_cfg.h | 8 ++++++++ src/mac/pmac/pmac_ntz.c | 6 ++++++ .../der/object_identifier/der_length_object_identifier.c | 7 ++++++- 5 files changed, 32 insertions(+), 1 deletion(-) 
diff --git a/src/encauth/ocb/ocb_ntz.c b/src/encauth/ocb/ocb_ntz.c index b0f5570de..bf933fd94 100644 --- a/src/encauth/ocb/ocb_ntz.c +++ b/src/encauth/ocb/ocb_ntz.c @@ -17,6 +17,11 @@ */ int ocb_ntz(unsigned long x) { +#if defined(LTC_HAVE_CTZL_BUILTIN) + if (x == 0) + return sizeof(unsigned long) * CHAR_BIT; + return __builtin_ctzl(x); +#else int c; x &= 0xFFFFFFFFUL; c = 0; @@ -25,6 +30,7 @@ int ocb_ntz(unsigned long x) x >>= 1; } return c; +#endif } #endif diff --git a/src/encauth/ocb3/ocb3_int_ntz.c b/src/encauth/ocb3/ocb3_int_ntz.c index 86942cedd..a667ff604 100644 --- a/src/encauth/ocb3/ocb3_int_ntz.c +++ b/src/encauth/ocb3/ocb3_int_ntz.c @@ -16,6 +16,11 @@ */ int ocb3_int_ntz(unsigned long x) { +#if defined(LTC_HAVE_CTZL_BUILTIN) + if (x == 0) + return sizeof(unsigned long) * CHAR_BIT; + return __builtin_ctzl(x); +#else int c; x &= 0xFFFFFFFFUL; c = 0; @@ -24,6 +29,7 @@ int ocb3_int_ntz(unsigned long x) x >>= 1; } return c; +#endif } #endif diff --git a/src/headers/tomcrypt_cfg.h b/src/headers/tomcrypt_cfg.h index 38eca3708..af828e23c 100644 --- a/src/headers/tomcrypt_cfg.h +++ b/src/headers/tomcrypt_cfg.h @@ -295,6 +295,14 @@ typedef unsigned long ltc_mp_digit; #define LTC_HAVE_ROTATE_BUILTIN #endif +#if __has_builtin(__builtin_clzl) + #define LTC_HAVE_CLZL_BUILTIN +#endif + +#if __has_builtin(__builtin_ctzl) + #define LTC_HAVE_CTZL_BUILTIN +#endif + #if defined(__GNUC__) #define LTC_ALIGN(n) __attribute__((aligned(n))) #else diff --git a/src/mac/pmac/pmac_ntz.c b/src/mac/pmac/pmac_ntz.c index ed71f3313..86142ba01 100644 --- a/src/mac/pmac/pmac_ntz.c +++ b/src/mac/pmac/pmac_ntz.c @@ -14,6 +14,11 @@ */ int pmac_ntz(unsigned long x) { +#if defined(LTC_HAVE_CTZL_BUILTIN) + if (x == 0) + return sizeof(unsigned long) * CHAR_BIT; + return __builtin_ctzl(x); +#else int c; x &= 0xFFFFFFFFUL; c = 0; @@ -22,6 +27,7 @@ int pmac_ntz(unsigned long x) x >>= 1; } return c; +#endif } #endif 
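Review bot: The two branches of `ocb_ntz` disagree on inputs whose low 32 bits are all zero. The builtin path returns `sizeof(unsigned long) * CHAR_BIT` for 0 and the true bit index otherwise, while the fallback masks with `0xFFFFFFFFUL` and then loops on `(x & 1) == 0`, which never terminates once the masked value is 0. The same pair of branches is added to `ocb3_int_ntz` and `pmac_ntz` in this commit. Callers are outside the hunks and presumably never pass such a value, so a comment above the `#if` would be enough, e.g. `/* x must have a bit set in its low 32 bits; the fallback loop does not terminate otherwise */`.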
diff --git a/src/pk/asn1/der/object_identifier/der_length_object_identifier.c b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c index c81694391..cba75ce50 100644 --- a/src/pk/asn1/der/object_identifier/der_length_object_identifier.c +++ b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c @@ -11,6 +11,11 @@ unsigned long der_object_identifier_bits(unsigned long x) { +#if defined(LTC_HAVE_CLZL_BUILTIN) + if (x == 0) + return 0; + return sizeof(unsigned long) * CHAR_BIT - __builtin_clzl(x); +#else unsigned long c; c = 0; while (x) { @@ -18,9 +23,9 @@ unsigned long der_object_identifier_bits(unsigned long x) x >>= 1; } return c; +#endif } - /** Gets length of DER encoding of Object Identifier @param nwords The number of OID words From f8c319ee6e4938297d04a839c827fd36b7e005dd Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 5 Sep 2025 17:47:18 +0200 Subject: [PATCH 16/19] Update `crypt_build_settings` Signed-off-by: Steffen Jaeckel --- src/misc/crypt/crypt.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/misc/crypt/crypt.c b/src/misc/crypt/crypt.c index c4675de6e..61b5cd050 100644 --- a/src/misc/crypt/crypt.c +++ b/src/misc/crypt/crypt.c @@ -548,6 +548,15 @@ const char *crypt_build_settings = " LTC_NO_ROLC " #endif #endif +#if defined(LTC_HAVE_ROTATE_BUILTIN) + " LTC_HAVE_ROTATE_BUILTIN " +#endif +#if defined(LTC_HAVE_CLZL_BUILTIN) + " LTC_HAVE_CLZL_BUILTIN " +#endif +#if defined(LTC_HAVE_CTZL_BUILTIN) + " LTC_HAVE_CTZL_BUILTIN " +#endif #if defined(LTC_NO_TEST) " LTC_NO_TEST " #endif From a58de2e03d8813711c8fc8040a87a140982923d5 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 9 Sep 2025 10:17:36 +0200 Subject: [PATCH 17/19] Fix some scan-build warnings Signed-off-by: Steffen Jaeckel --- demos/gcm-file/gcm_filehandle.c | 8 +++++-- demos/tv_gen.c | 38 ++++++++++++++++++--------------- tests/common.c | 7 ++++-- 3 files changed, 32 insertions(+), 21 deletions(-) 
diff --git a/demos/gcm-file/gcm_filehandle.c b/demos/gcm-file/gcm_filehandle.c index 6065f966d..8c0224abd 100644 --- a/demos/gcm-file/gcm_filehandle.c +++ b/demos/gcm-file/gcm_filehandle.c @@ -116,7 +116,7 @@ int gcm_filehandle( int cipher, if (direction == GCM_DECRYPT) { tot_data -= taglen; } - rewind(in); + fseek(in, 0, SEEK_SET); do { x = MIN(tot_data, LTC_FILE_READ_BUFSIZE); x = fread(buf, 1, x, in); @@ -140,6 +140,10 @@ int gcm_filehandle( int cipher, } if (direction == GCM_DECRYPT) { + if (feof(in) || ferror(in)) { + err = CRYPT_ERROR; + goto LBL_CLEANBUF; + } x = fread(buf, 1, taglen, in); if (x != taglen) { err = CRYPT_ERROR; @@ -170,7 +174,7 @@ int gcm_filehandle( int cipher, #endif if(*res == 0) { x = ftell(out); - rewind(out); + fseek(in, 0, SEEK_SET); while((size_t)ftell(out) < x) { fwrite(buf, 1, LTC_FILE_READ_BUFSIZE, out); } diff --git a/demos/tv_gen.c b/demos/tv_gen.c index 61c6de529..d6ba2c6f6 100644 --- a/demos/tv_gen.c +++ b/demos/tv_gen.c @@ -2,6 +2,14 @@ /* SPDX-License-Identifier: Unlicense */ #include "tomcrypt_private.h" +#define OPEN_FILE(f, o) do { \ + o = fopen(f, "w"); \ + if (o == NULL) { \ + perror("can't open " f); \ + return; \ + } \ +} while(0) + static void hash_gen(void) { unsigned char md[MAXBLOCKSIZE], *buf; @@ -9,11 +17,7 @@ static void hash_gen(void) FILE *out; int err; - out = fopen("hash_tv.txt", "w"); - if (out == NULL) { - perror("can't open hash_tv.txt"); - return; - } + OPEN_FILE("hash_tv.txt", out); fprintf(out, "Hash Test Vectors:\n\nThese are the hashes of nn bytes '00 01 02 03 .. (nn-1)'\n\n"); for (x = 0; hash_descriptor[x].name != NULL; x++) { @@ -52,7 +56,7 @@ static void cipher_gen(void) FILE *out; symmetric_key skey; - out = fopen("cipher_tv.txt", "w"); + OPEN_FILE("cipher_tv.txt", out); fprintf(out, "Cipher Test Vectors\n\nThese are test encryptions with key of nn bytes '00 01 02 03 .. (nn-1)' and original PT of the same style.\n" 
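Review bot: In the `if(*res == 0)` branch of `gcm_filehandle`, `rewind(out);` is replaced by `fseek(in, 0, SEEK_SET);`, which repositions the input stream instead of the output. `out` then stays at its end position, `(size_t)ftell(out) < x` is false at once, and the loop that overwrites the already written output never runs. Assuming `*res == 0` is the failed tag check, the unauthenticated plaintext is left in the output file. The line should read `fseek(out, 0, SEEK_SET);`. Unlike `rewind`, `fseek` reports failure, so its return value should be checked here and at the earlier `fseek(in, 0, SEEK_SET);` before the read loop.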
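Review bot: `OPEN_FILE` in demos/tv_gen.c hides a `return;` inside the macro and builds its message with `"can't open " f`, so it only works inside `void` functions and only with a string-literal file name; neither restriction is stated. A comment above the macro would make that explicit, e.g. `/* f must be a string literal; on failure reports via perror() and returns from the calling void function */`. The parameter `o` is also used unparenthesized, which is harmless for the plain `out` arguments in this file but worth noting in the same comment.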
@@ -126,7 +130,7 @@ static void hmac_gen(void) FILE *out; unsigned long len; - out = fopen("hmac_tv.txt", "w"); + OPEN_FILE("hmac_tv.txt", out); fprintf(out, "HMAC Tests. In these tests messages of N bytes long (00,01,02,...,NN-1) are HMACed. The initial key is\n" @@ -179,7 +183,7 @@ static void omac_gen(void) FILE *out; unsigned long len; - out = fopen("omac_tv.txt", "w"); + OPEN_FILE("omac_tv.txt", out); fprintf(out, "OMAC Tests. In these tests messages of N bytes long (00,01,02,...,NN-1) are OMAC'ed. The initial key is\n" @@ -240,7 +244,7 @@ static void pmac_gen(void) FILE *out; unsigned long len; - out = fopen("pmac_tv.txt", "w"); + OPEN_FILE("pmac_tv.txt", out); fprintf(out, "PMAC Tests. In these tests messages of N bytes long (00,01,02,...,NN-1) are PMAC'ed. The initial key is\n" @@ -302,7 +306,7 @@ static void eax_gen(void) plaintext[MAXBLOCKSIZE*2], tag[MAXBLOCKSIZE]; unsigned long len; - out = fopen("eax_tv.txt", "w"); + OPEN_FILE("eax_tv.txt", out); fprintf(out, "EAX Test Vectors. Uses the 00010203...NN-1 pattern for header/nonce/plaintext/key. The outputs\n" "are of the form ciphertext,tag for a given NN. The key for step N>1 is the tag of the previous\n" "step repeated sufficiently.\n\n"); @@ -368,7 +372,7 @@ static void ocb_gen(void) plaintext[MAXBLOCKSIZE*2], tag[MAXBLOCKSIZE]; unsigned long len; - out = fopen("ocb_tv.txt", "w"); + OPEN_FILE("ocb_tv.txt", out); fprintf(out, "OCB Test Vectors. Uses the 00010203...NN-1 pattern for nonce/plaintext/key. The outputs\n" "are of the form ciphertext,tag for a given NN. The key for step N>1 is the tag of the previous\n" "step repeated sufficiently. The nonce is fixed throughout.\n\n"); 
@@ -437,7 +441,7 @@ static void ocb3_gen(void) plaintext[MAXBLOCKSIZE*2], tag[MAXBLOCKSIZE]; unsigned long len; - out = fopen("ocb3_tv.txt", "w"); + OPEN_FILE("ocb3_tv.txt", out); fprintf(out, "OCB3 Test Vectors. Uses the 00010203...NN-1 pattern for nonce/plaintext/key. The outputs\n" "are of the form ciphertext,tag for a given NN. The key for step N>1 is the tag of the previous\n" "step repeated sufficiently. The nonce is fixed throughout. AAD is fixed to 3 bytes (ASCII) 'AAD'.\n\n"); @@ -509,7 +513,7 @@ static void ccm_gen(void) unsigned long len; const unsigned int taglen[] = {4, 6, 8, 10, 12, 14, 16}; - out = fopen("ccm_tv.txt", "w"); + OPEN_FILE("ccm_tv.txt", out); fprintf(out, "CCM Test Vectors. Uses the 00010203...NN-1 pattern for nonce/header/plaintext/key. The outputs\n" "are of the form ciphertext,tag for a given NN. The key for step N>1 is the tag of the previous\n" "step repeated sufficiently. The nonce is fixed throughout at 13 bytes 000102...\n\n"); @@ -579,7 +583,7 @@ static void gcm_gen(void) unsigned char key[MAXBLOCKSIZE], plaintext[MAXBLOCKSIZE*2], tag[MAXBLOCKSIZE]; unsigned long len; - out = fopen("gcm_tv.txt", "w"); + OPEN_FILE("gcm_tv.txt", out); fprintf(out, "GCM Test Vectors. Uses the 00010203...NN-1 pattern for nonce/header/plaintext/key. The outputs\n" "are of the form ciphertext,tag for a given NN. The key for step N>1 is the tag of the previous\n" "step repeated sufficiently. The nonce is fixed throughout at 13 bytes 000102...\n\n"); @@ -641,7 +645,7 @@ static void base64_gen(void) char dst[256]; unsigned long x, len; - out = fopen("base64_tv.txt", "w"); + OPEN_FILE("base64_tv.txt", out); fprintf(out, "Base64 vectors. These are the base64 encodings of the strings 00,01,02...NN-1\n\n"); for (x = 0; x <= 32; x++) { for (ch = 0; ch < x; ch++) { 
@@ -666,7 +670,7 @@ static void ecc_gen(void) ecc_point *G, *R; int x; - out = fopen("ecc_tv.txt", "w"); + OPEN_FILE("ecc_tv.txt", out); fprintf(out, "ecc vectors. These are for kG for k=1,3,9,27,...,3**n until k > order of the curve outputs are triplets\n\n"); G = ltc_ecc_new_point(); R = ltc_ecc_new_point(); @@ -713,7 +717,7 @@ static void lrw_gen(void) tweak[x] = key[x] = iv[x] = x; } - out = fopen("lrw_tv.txt", "w"); + OPEN_FILE("lrw_tv.txt", out); for (x = 16; x < (int)(sizeof(buf)); x += 16) { if ((err = lrw_start(find_cipher("aes"), iv, key, 16, tweak, 0, &lrw)) != CRYPT_OK) { fprintf(stderr, "Error starting LRW-AES: %s\n", error_to_string(err)); diff --git a/tests/common.c b/tests/common.c index d47278744..948d5d08d 100644 --- a/tests/common.c +++ b/tests/common.c @@ -103,7 +103,10 @@ static DIR *s_opendir(const char *path, char *mypath, unsigned long l) static int s_read_and_process(FILE *f, unsigned long sz, void *ctx, dir_iter_cb process) { int err = CRYPT_OK; - void* buf = XMALLOC(sz + 1); + void* buf; + if (f == NULL) + return CRYPT_FILE_NOTFOUND; + buf = XMALLOC(sz + 1); if (buf == NULL) return CRYPT_MEM; if (fread(buf, 1, sz, f) != sz) { @@ -177,7 +180,7 @@ int test_process_dir(const char *path, void *ctx, dir_iter_cb iter, dir_fiter_cb } continue_loop: - fclose(f); + if (f != NULL) fclose(f); f = NULL; } if (f != NULL) fclose(f); From ef1453d5ba89462b27499145e003ddd3f5459d1b Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 12 Sep 2025 18:24:14 +0200 Subject: [PATCH 18/19] It should be `static inline` Signed-off-by: Steffen Jaeckel --- src/ciphers/cast5.c | 6 +++--- src/ciphers/sm4.c | 24 ++++++++++++------------ src/hashes/tiger.c | 18 +++++++++--------- 3 files changed, 24 insertions(+), 24 deletions(-) diff --git a/src/ciphers/cast5.c b/src/ciphers/cast5.c index d8279b595..e55d8ab7c 100644 --- a/src/ciphers/cast5.c +++ b/src/ciphers/cast5.c 
@@ -492,7 +492,7 @@ int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ #endif #define FI cast5_FI -LTC_INLINE static ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr) +static LTC_INLINE ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr) { ulong32 I; I = (Km + R); @@ -500,7 +500,7 @@ LTC_INLINE static ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr) return ((S1[LTC_BYTE(I, 3)] ^ S2[LTC_BYTE(I,2)]) - S3[LTC_BYTE(I,1)]) + S4[LTC_BYTE(I,0)]; } -LTC_INLINE static ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr) +static LTC_INLINE ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr) { ulong32 I; I = (Km ^ R); @@ -508,7 +508,7 @@ LTC_INLINE static ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr) return ((S1[LTC_BYTE(I, 3)] - S2[LTC_BYTE(I,2)]) + S3[LTC_BYTE(I,1)]) ^ S4[LTC_BYTE(I,0)]; } -LTC_INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr) +static LTC_INLINE ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr) { ulong32 I; I = (Km - R); diff --git a/src/ciphers/sm4.c b/src/ciphers/sm4.c index d21cdce62..2fc68d00c 100644 --- a/src/ciphers/sm4.c +++ b/src/ciphers/sm4.c @@ -67,7 +67,7 @@ static const sm4_u8_t sm4_sbox_table[16][16] = { * S-box * defined in section 2.6 S-box */ -LTC_INLINE static sm4_u8_t s_sm4_sbox(sm4_u8_t a) +static LTC_INLINE sm4_u8_t s_sm4_sbox(sm4_u8_t a) { return sm4_sbox_table[(a >> 4) & 0x0f][a & 0x0f]; } @@ -80,7 +80,7 @@ LTC_INLINE static sm4_u8_t s_sm4_sbox(sm4_u8_t a) * But we just convert a 32bit word byte by byte. * So it's OK if we don't convert the endian order */ -LTC_INLINE static sm4_u32_t s_sm4_t(sm4_u32_t A) +static LTC_INLINE sm4_u32_t s_sm4_t(sm4_u32_t A) { sm4_u8_t a[4]; sm4_u8_t b[4]; @@ -98,7 +98,7 @@ LTC_INLINE static sm4_u32_t s_sm4_t(sm4_u32_t A) /* * defined in section 6.2 (2) Linear transformation L */ -LTC_INLINE static sm4_u32_t s_sm4_L62(sm4_u32_t B) +static LTC_INLINE sm4_u32_t s_sm4_L62(sm4_u32_t B) { return B ^ ROLc(B, 2) ^ ROLc(B, 10) ^ ROLc(B, 18) ^ ROLc(B, 24); } 
@@ -106,7 +106,7 @@ LTC_INLINE static sm4_u32_t s_sm4_L62(sm4_u32_t B) /* * defined in section 6.2 Permutation T */ -LTC_INLINE static sm4_u32_t s_sm4_T62(sm4_u32_t Z) +static LTC_INLINE sm4_u32_t s_sm4_T62(sm4_u32_t Z) { return s_sm4_L62(s_sm4_t(Z)); } @@ -137,7 +137,7 @@ static const sm4_u32_t sm4_CK[32] = /* * defined in section 7.3 (1) L' */ -LTC_INLINE static sm4_u32_t s_sm4_L73(sm4_u32_t B) +static LTC_INLINE sm4_u32_t s_sm4_L73(sm4_u32_t B) { return B ^ ROLc(B, 13) ^ ROLc(B, 23); } @@ -145,7 +145,7 @@ LTC_INLINE static sm4_u32_t s_sm4_L73(sm4_u32_t B) /* * defined in section 7.3 (1) T' */ -LTC_INLINE static sm4_u32_t s_sm4_T73(sm4_u32_t Z) +static LTC_INLINE sm4_u32_t s_sm4_T73(sm4_u32_t Z) { return s_sm4_L73(s_sm4_t(Z)); } @@ -153,7 +153,7 @@ LTC_INLINE static sm4_u32_t s_sm4_T73(sm4_u32_t Z) /* * defined in section 7.3 Key Expansion */ -LTC_INLINE static void s_sm4_mk2rk(sm4_u32_t rk[32], sm4_u8_t mk[16]) +static LTC_INLINE void s_sm4_mk2rk(sm4_u32_t rk[32], sm4_u8_t mk[16]) { sm4_u32_t MK[4] = { 0 }; sm4_u32_t K[4+32] = { 0 }; @@ -175,7 +175,7 @@ LTC_INLINE static void s_sm4_mk2rk(sm4_u32_t rk[32], sm4_u8_t mk[16]) /* * defined in section 6 Round Function F */ -LTC_INLINE static sm4_u32_t s_sm4_F(sm4_u32_t X[4], sm4_u32_t rk) +static LTC_INLINE sm4_u32_t s_sm4_F(sm4_u32_t X[4], sm4_u32_t rk) { return X[0] ^ s_sm4_T62(X[1] ^ X[2] ^ X[3] ^ rk); } @@ -183,7 +183,7 @@ LTC_INLINE static sm4_u32_t s_sm4_F(sm4_u32_t X[4], sm4_u32_t rk) /* * defined in section 7.1 (2) The reverse transformation */ -LTC_INLINE static void s_sm4_R(sm4_u32_t Y[4], sm4_u32_t X[32+4]) +static LTC_INLINE void s_sm4_R(sm4_u32_t Y[4], sm4_u32_t X[32+4]) { Y[0] = X[35]; Y[1] = X[34]; 
@@ -194,7 +194,7 @@ LTC_INLINE static void s_sm4_R(sm4_u32_t Y[4], sm4_u32_t X[32+4]) /* * defined in section 7.1 (En)cryption */ -LTC_INLINE static void s_sm4_crypt(sm4_u32_t Y[4], sm4_u32_t X[4+32], const sm4_u32_t rk[32]) +static LTC_INLINE void s_sm4_crypt(sm4_u32_t Y[4], sm4_u32_t X[4+32], const sm4_u32_t rk[32]) { int i; @@ -203,7 +203,7 @@ LTC_INLINE static void s_sm4_crypt(sm4_u32_t Y[4], sm4_u32_t X[4+32], const sm4_ s_sm4_R(Y, X); } -LTC_INLINE static void s_sm4_setkey(struct sm4_key *sm4, const unsigned char *key) +static LTC_INLINE void s_sm4_setkey(struct sm4_key *sm4, const unsigned char *key) { int i; @@ -229,7 +229,7 @@ int sm4_setup(const unsigned char *key, int keylen, /* * SM4 encryption. */ -LTC_INLINE static void s_sm4_do(void *output, const void *input, const sm4_u32_t rk[32]) +static LTC_INLINE void s_sm4_do(void *output, const void *input, const sm4_u32_t rk[32]) { sm4_u32_t Y[4]; sm4_u32_t X[32+4]; diff --git a/src/hashes/tiger.c b/src/hashes/tiger.c index e88fb3a3a..a1b66f7b4 100644 --- a/src/hashes/tiger.c +++ b/src/hashes/tiger.c @@ -566,7 +566,7 @@ static const ulong64 table[4*256] = { CONST64(0xC83223F1720AEF96) /* 1022 */, CONST64(0xC3A0396F7363A51F) /* 1023 */}; /* one round of the hash function */ -LTC_INLINE static void tiger_round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x, int mul) +static LTC_INLINE void s_tiger_round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x, int mul) { ulong64 tmp; tmp = (*c ^= x); 
@@ -582,14 +582,14 @@ LTC_INLINE static void tiger_round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x /* one complete pass */ static void s_pass(ulong64 *a, ulong64 *b, ulong64 *c, const ulong64 *x, int mul) { - tiger_round(a,b,c,x[0],mul); - tiger_round(b,c,a,x[1],mul); - tiger_round(c,a,b,x[2],mul); - tiger_round(a,b,c,x[3],mul); - tiger_round(b,c,a,x[4],mul); - tiger_round(c,a,b,x[5],mul); - tiger_round(a,b,c,x[6],mul); - tiger_round(b,c,a,x[7],mul); + s_tiger_round(a,b,c,x[0],mul); + s_tiger_round(b,c,a,x[1],mul); + s_tiger_round(c,a,b,x[2],mul); + s_tiger_round(a,b,c,x[3],mul); + s_tiger_round(b,c,a,x[4],mul); + s_tiger_round(c,a,b,x[5],mul); + s_tiger_round(a,b,c,x[6],mul); + s_tiger_round(b,c,a,x[7],mul); } /* The key mixing schedule */ From ae50082c0fa3d96613526e78f3f8b855e7f5b82e Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 13 Sep 2025 12:04:09 +0200 Subject: [PATCH 19/19] Only compute length of OID data once. Signed-off-by: Steffen Jaeckel --- src/headers/tomcrypt_private.h | 3 +- .../der_encode_object_identifier.c | 13 +-------- .../der_length_object_identifier.c | 28 ++++++++++++------- 3 files changed, 21 insertions(+), 23 deletions(-) diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 8127f4e85..7069b1652 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -588,7 +588,8 @@ int der_length_asn1_length(unsigned long len, unsigned long *outlen); int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen, unsigned long *payloadlen); -unsigned long der_object_identifier_bits(unsigned long x); +int der_length_object_identifier_full(const unsigned long *words, unsigned long nwords, + unsigned long *outlen, unsigned long *datalen); int der_ia5_char_encode(int c); int der_ia5_value_decode(int v); 
diff --git a/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c index 3c52edcf2..af5635425 100644 --- a/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c +++ b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c @@ -27,7 +27,7 @@ int der_encode_object_identifier(const unsigned long *words, unsigned long nwor LTC_ARGCHK(outlen != NULL); /* check length */ - if ((err = der_length_object_identifier(words, nwords, &x)) != CRYPT_OK) { + if ((err = der_length_object_identifier_full(words, nwords, &x, &z)) != CRYPT_OK) { return err; } if (x > *outlen) { @@ -35,17 +35,6 @@ int der_encode_object_identifier(const unsigned long *words, unsigned long nwor return CRYPT_BUFFER_OVERFLOW; } - /* compute length to store OID data */ - z = 0; - wordbuf = words[0] * 40 + words[1]; - for (y = 1; y < nwords; y++) { - t = der_object_identifier_bits(wordbuf); - z += t/7 + ((t%7) ? 1 : 0) + (wordbuf == 0 ? 1 : 0); - if (y < nwords - 1) { - wordbuf = words[y + 1]; - } - } - /* store header + length */ x = 0; out[x++] = 0x06; diff --git a/src/pk/asn1/der/object_identifier/der_length_object_identifier.c b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c index cba75ce50..8facf74eb 100644 --- a/src/pk/asn1/der/object_identifier/der_length_object_identifier.c +++ b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c @@ -9,7 +9,7 @@ #ifdef LTC_DER -unsigned long der_object_identifier_bits(unsigned long x) +static LTC_INLINE unsigned long s_der_object_identifier_bits(unsigned long x) { #if defined(LTC_HAVE_CLZL_BUILTIN) if (x == 0) 
@@ -26,14 +26,7 @@ unsigned long der_object_identifier_bits(unsigned long x) #endif } -/** - Gets length of DER encoding of Object Identifier - @param nwords The number of OID words - @param words The actual OID words to get the size of - @param outlen [out] The length of the DER encoding for the given string - @return CRYPT_OK if successful -*/ -int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen) +int der_length_object_identifier_full(const unsigned long *words, unsigned long nwords, unsigned long *outlen, unsigned long *datalen) { unsigned long y, z, t, wordbuf; @@ -55,7 +48,7 @@ int der_length_object_identifier(const unsigned long *words, unsigned long nword z = 0; wordbuf = words[0] * 40 + words[1]; for (y = 1; y < nwords; y++) { - t = der_object_identifier_bits(wordbuf); + t = s_der_object_identifier_bits(wordbuf); z += t/7 + ((t%7) ? 1 : 0) + (wordbuf == 0 ? 1 : 0); if (y < nwords - 1) { /* grab next word */ @@ -63,6 +56,9 @@ int der_length_object_identifier(const unsigned long *words, unsigned long nword } } + if (datalen) { + *datalen = z; + } /* now depending on the length our length encoding changes */ if (z < 128) { z += 2; @@ -78,4 +74,16 @@ int der_length_object_identifier(const unsigned long *words, unsigned long nword return CRYPT_OK; } +/** + Gets length of DER encoding of Object Identifier + @param nwords The number of OID words + @param words The actual OID words to get the size of + @param outlen [out] The length of the DER encoding for the given string + @return CRYPT_OK if successful +*/ +int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen) +{ + return der_length_object_identifier_full(words, nwords, outlen, NULL); +} + #endif
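Review bot: `der_length_object_identifier_full` ends up without any doc comment: this hunk removes the Doxygen block above the function, and the last hunk of the file re-attaches it to the new `der_length_object_identifier` wrapper. The contract of the added `datalen` parameter is therefore only visible from the code. It is optional (guarded by `if (datalen)`, and the wrapper passes `NULL`), and it receives `z` before the tag and length octets are added, which is the value `der_encode_object_identifier` now relies on when writing the length field. I would add a `/** ... */` block above the function that repeats the existing `@param` lines and adds `@param datalen [out] Length of the OID content octets only, may be NULL`. The function body continues outside this hunk.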