authorlloyd <[email protected]>2010-05-19 14:08:57 +0000
committerlloyd <[email protected]>2010-05-19 14:08:57 +0000
commit93cd5303254ac4608391bf03bce4da18cd1cd328 (patch)
tree923da12d59c9da4a1ba6b76cb51315edf686a036 /src
parent2f16053e01758662c814d96876feaf670fa7eb97 (diff)
parentf60608cc7b515984d456a6371eb52a8479d2c010 (diff)
merge of '540ae85af1cc9245c325ef716fcc5c5b334251d0'
and 'ce3d40d9f2e90346189ca6dfed2a1f38804d5c10'
Diffstat (limited to 'src')
-rw-r--r--src/build-data/buildh.in7
-rw-r--r--src/build-data/os/aix.txt4
-rw-r--r--src/build-data/os/beos.txt4
-rw-r--r--src/build-data/os/cygwin.txt12
-rw-r--r--src/build-data/os/darwin.txt4
-rw-r--r--src/build-data/os/dragonfly.txt4
-rw-r--r--src/build-data/os/freebsd.txt4
-rw-r--r--src/build-data/os/hpux.txt4
-rw-r--r--src/build-data/os/hurd.txt5
-rw-r--r--src/build-data/os/irix.txt4
-rw-r--r--src/build-data/os/linux.txt5
-rw-r--r--src/build-data/os/mingw.txt2
-rw-r--r--src/build-data/os/netbsd.txt4
-rw-r--r--src/build-data/os/openbsd.txt4
-rw-r--r--src/build-data/os/qnx.txt4
-rw-r--r--src/build-data/os/solaris.txt4
-rw-r--r--src/build-data/os/tru64.txt4
-rw-r--r--src/build-data/os/windows.txt4
-rw-r--r--src/pk_pad/eme1/eme1.cpp40
-rw-r--r--src/utils/cpuid.cpp5
20 files changed, 45 insertions, 83 deletions
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index 724801040..90d274d58 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -35,6 +35,13 @@
#define BOTAN_USE_GCC_INLINE_ASM 0
#endif
+#ifdef __GNUC__
+ #define BOTAN_GCC_VERSION \
+ (__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCH__)
+#else
+ #define BOTAN_GCC_VERSION 0
+#endif
+
/* Target identification and feature test macros */
%{target_os_defines}
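Review bot: The third term of the new BOTAN_GCC_VERSION macro, on the line after `#define BOTAN_GCC_VERSION \`, uses `__GNUC_PATCH__`, but the macro GCC predefines for the patch level is `__GNUC_PATCHLEVEL__`. Since the expression is only ever expanded inside `#if`/`#elif` tests, the unknown identifier silently evaluates to 0 there, so the computed version never carries its patch digit, and `-Wundef` builds will warn on every such test. Suggested line: `(__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCHLEVEL__)`. The same macro is consumed by the cpuid.cpp hunk in this commit, so the mistake is currently harmless for the `>= 430` test but wrong for any future comparison that depends on the patch level.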
diff --git a/src/build-data/os/aix.txt b/src/build-data/os/aix.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/aix.txt
+++ b/src/build-data/os/aix.txt
@@ -3,7 +3,3 @@ os_type unix
<target_features>
gettimeofday
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/beos.txt b/src/build-data/os/beos.txt
index f6a06b7af..4a16b6326 100644
--- a/src/build-data/os/beos.txt
+++ b/src/build-data/os/beos.txt
@@ -9,10 +9,6 @@ doc_dir documentation
gettimeofday
</target_features>
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
haiku
</aliases>
diff --git a/src/build-data/os/cygwin.txt b/src/build-data/os/cygwin.txt
index f7c1f49ed..9ec86736d 100644
--- a/src/build-data/os/cygwin.txt
+++ b/src/build-data/os/cygwin.txt
@@ -1,15 +1,13 @@
os_type unix
+# Cygwin supports shared libs fine, but there are problems with making a Botan
+# shared library when libraries it depends on are static-only (such as libz).
+# So until I can figure out a work-around, it's disabled.
+build_shared no
+
install_root c:\Botan
doc_dir docs
<target_features>
gettimeofday
</target_features>
-
-# Cygwin supports shared libs fine, but there are problems with making a Botan
-# shared library when libraries it depends on are static-only (such as libz).
-# So until I can figure out a work-around, it's disabled.
-<supports_shared>
-#all
-</supports_shared>
diff --git a/src/build-data/os/darwin.txt b/src/build-data/os/darwin.txt
index af60e1bed..b63abf32c 100644
--- a/src/build-data/os/darwin.txt
+++ b/src/build-data/os/darwin.txt
@@ -12,10 +12,6 @@ doc_dir doc
gettimeofday
</target_features>
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
macosx
</aliases>
diff --git a/src/build-data/os/dragonfly.txt b/src/build-data/os/dragonfly.txt
index 7a002a65d..ff8f41d2a 100644
--- a/src/build-data/os/dragonfly.txt
+++ b/src/build-data/os/dragonfly.txt
@@ -5,7 +5,3 @@ clock_gettime
gettimeofday
posix_mlock
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/freebsd.txt b/src/build-data/os/freebsd.txt
index 3bcf58d62..14e6c63e2 100644
--- a/src/build-data/os/freebsd.txt
+++ b/src/build-data/os/freebsd.txt
@@ -4,7 +4,3 @@ os_type unix
posix_mlock
gettimeofday
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/hpux.txt b/src/build-data/os/hpux.txt
index e7aa30e9c..19c230d77 100644
--- a/src/build-data/os/hpux.txt
+++ b/src/build-data/os/hpux.txt
@@ -6,10 +6,6 @@ so_suffix sl
gettimeofday
</target_features>
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
hp-ux
</aliases>
diff --git a/src/build-data/os/hurd.txt b/src/build-data/os/hurd.txt
index f0ab18a98..e3906f63a 100644
--- a/src/build-data/os/hurd.txt
+++ b/src/build-data/os/hurd.txt
@@ -4,11 +4,6 @@ os_type unix
posix_mlock
</target_features>
-# Is this correct?
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
gnu
</aliases>
diff --git a/src/build-data/os/irix.txt b/src/build-data/os/irix.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/irix.txt
+++ b/src/build-data/os/irix.txt
@@ -3,7 +3,3 @@ os_type unix
<target_features>
gettimeofday
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/linux.txt b/src/build-data/os/linux.txt
index 2f59fb9d1..8bfacd4c9 100644
--- a/src/build-data/os/linux.txt
+++ b/src/build-data/os/linux.txt
@@ -6,8 +6,3 @@ gettimeofday
posix_mlock
gmtime_r
</target_features>
-
-# Is this correct?
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/mingw.txt b/src/build-data/os/mingw.txt
index 1b30e0b3a..08f85b4db 100644
--- a/src/build-data/os/mingw.txt
+++ b/src/build-data/os/mingw.txt
@@ -4,6 +4,8 @@ obj_suffix o
so_suffix dll
static_suffix a
+build_shared no
+
ar_command "ar crs"
ar_needs_ranlib yes
diff --git a/src/build-data/os/netbsd.txt b/src/build-data/os/netbsd.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/netbsd.txt
+++ b/src/build-data/os/netbsd.txt
@@ -3,7 +3,3 @@ os_type unix
<target_features>
gettimeofday
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/openbsd.txt b/src/build-data/os/openbsd.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/openbsd.txt
+++ b/src/build-data/os/openbsd.txt
@@ -3,7 +3,3 @@ os_type unix
<target_features>
gettimeofday
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/qnx.txt b/src/build-data/os/qnx.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/qnx.txt
+++ b/src/build-data/os/qnx.txt
@@ -3,7 +3,3 @@ os_type unix
<target_features>
gettimeofday
</target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/solaris.txt b/src/build-data/os/solaris.txt
index df951d4fc..47e7bccbc 100644
--- a/src/build-data/os/solaris.txt
+++ b/src/build-data/os/solaris.txt
@@ -5,10 +5,6 @@ posix_mlock
gettimeofday
</target_features>
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
sunos
</aliases>
diff --git a/src/build-data/os/tru64.txt b/src/build-data/os/tru64.txt
index 677c38955..a442743bc 100644
--- a/src/build-data/os/tru64.txt
+++ b/src/build-data/os/tru64.txt
@@ -4,10 +4,6 @@ os_type unix
gettimeofday
</target_features>
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
osf1
</aliases>
diff --git a/src/build-data/os/windows.txt b/src/build-data/os/windows.txt
index 4d8879dd8..140eddeba 100644
--- a/src/build-data/os/windows.txt
+++ b/src/build-data/os/windows.txt
@@ -16,10 +16,6 @@ win32_get_systemtime
gmtime_s
</target_features>
-<supports_shared>
-all
-</supports_shared>
-
<aliases>
win32
MSWin32
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp
index d99ffaf58..9eab16d6c 100644
--- a/src/pk_pad/eme1/eme1.cpp
+++ b/src/pk_pad/eme1/eme1.cpp
@@ -1,12 +1,13 @@
/*
-* EME1
-* (C) 1999-2007 Jack Lloyd
+* EME1 (aka OAEP)
+* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#include <botan/eme1.h>
#include <botan/mgf1.h>
+#include <botan/mem_ops.h>
#include <memory>
namespace Botan {
@@ -50,11 +51,17 @@ SecureVector<byte> EME1::unpad(const byte in[], u32bit in_length,
find the secret key, as described in "A Chosen Ciphertext Attack on
RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in
PKCS #1 v2.0", James Manger, Crypto 2001
+
+ Also have to be careful about timing attacks! Pointed out by Falko
+ Strenzke.
*/
key_length /= 8;
+
+ // Invalid input: truncate to zero length input, causing later
+ // checks to fail
if(in_length > key_length)
- throw Decoding_Error("Invalid EME1 encoding");
+ in_length = 0;
SecureVector<byte> tmp(key_length);
tmp.copy(key_length - in_length, in, in_length);
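Review bot: The over-long-input case in the `if(in_length > key_length)` branch now only zeroes `in_length`, so rejection relies on the later Phash and delimiter checks failing against a buffer that is all zero before the MGF1 masking, rather than on an explicit decision. That is overwhelmingly likely to fail, but it is easier to audit if the outcome is recorded: `const bool length_ok = (in_length <= key_length);` here, and `&& length_ok` folded into the final `if(delim_idx && delim_ok && phash_ok)` test in the next hunk, so the only path to the return is every check passing. The comment `// Invalid input: truncate to zero length input, causing later checks to fail` could then state that the failure is enforced by `length_ok` rather than left implicit. EME1::unpad begins before this hunk.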
@@ -62,20 +69,29 @@ SecureVector<byte> EME1::unpad(const byte in[], u32bit in_length,
mgf->mask(tmp + HASH_LENGTH, tmp.size() - HASH_LENGTH, tmp, HASH_LENGTH);
mgf->mask(tmp, HASH_LENGTH, tmp + HASH_LENGTH, tmp.size() - HASH_LENGTH);
- for(u32bit j = 0; j != Phash.size(); ++j)
- if(tmp[j+HASH_LENGTH] != Phash[j])
- throw Decoding_Error("Invalid EME1 encoding");
+ const bool phash_ok = same_mem(&tmp[HASH_LENGTH], &Phash[0], Phash.size());
- for(u32bit j = HASH_LENGTH + Phash.size(); j != tmp.size(); ++j)
+ bool delim_ok = true;
+ u32bit delim_idx = 0;
+
+ // Is this vulnerable to timing attacks?
+ for(u32bit i = HASH_LENGTH + Phash.size(); i != tmp.size(); ++i)
{
- if(tmp[j] && tmp[j] != 0x01)
- throw Decoding_Error("Invalid EME1 encoding");
- if(tmp[j] && tmp[j] == 0x01)
+ if(tmp[i] && !delim_idx)
{
- SecureVector<byte> retval(tmp + j + 1, tmp.size() - j - 1);
- return retval;
+ if(tmp[i] == 0x01)
+ delim_idx = i;
+ else
+ delim_ok = false;
}
}
+
+ if(delim_idx && delim_ok && phash_ok)
+ {
+ return SecureVector<byte>(tmp + delim_idx + 1,
+ tmp.size() - delim_idx - 1);
+ }
+
throw Decoding_Error("Invalid EME1 encoding");
}
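Review bot: The rewritten scan still branches on the secret padding bytes: `if(tmp[i] && !delim_idx)` and the nested `if(tmp[i] == 0x01)` execute different code depending on where the first non-zero byte sits, so the delimiter position can still be inferred from execution time even though the loop now always runs to the end, which is exactly what the new `// Is this vulnerable to timing attacks?` comment asks. The check can be done with masks instead of branches so every iteration does the same work regardless of tmp's contents; the version below produces the same `delim_idx`, `delim_ok` and `phash_ok` values and keeps the same return/throw. Whether `same_mem` (from the newly included mem_ops.h) compares in constant time cannot be seen here; if it stops at the first mismatch, the `const bool phash_ok` line leaks in the same way and should use a full-length compare. Note that comparisons such as `(b == 0x01)` are usually compiled branch-free but the language does not guarantee it, so the comment should say the code is branch-free by intent, not by proof.
```cpp
   bool delim_ok = true;
   u32bit delim_idx = 0;

   // Branch-free scan: every iteration does the same work, and the
   // delimiter position / validity are selected with masks rather than
   // with control flow that depends on the decrypted bytes
   for(u32bit i = HASH_LENGTH + Phash.size(); i != tmp.size(); ++i)
      {
      const byte b = tmp[i];
      const u32bit not_found = (delim_idx == 0); // 1 until a 0x01 is recorded
      const u32bit is_zero = (b == 0);
      const u32bit is_one = (b == 0x01);

      // records i the first time a 0x01 is seen; masked to 0 afterwards
      delim_idx |= i * (not_found & is_one);
      // a byte before the delimiter that is neither 0 nor 1 is a bad encoding
      delim_ok &= (is_zero | is_one | !not_found);
      }

   // … unchanged: final delim_idx && delim_ok && phash_ok test and throw …
```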
diff --git a/src/utils/cpuid.cpp b/src/utils/cpuid.cpp
index e4f5a1318..19a2db788 100644
--- a/src/utils/cpuid.cpp
+++ b/src/utils/cpuid.cpp
@@ -26,14 +26,15 @@
#include <ia32intrin.h>
#define CALL_CPUID(type, out) do { __cpuid(out, type); } while(0);
-#elif defined(BOTAN_BUILD_COMPILER_IS_GCC) && \
- ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3))
+#elif BOTAN_GCC_VERSION >= 430
// Only available starting in GCC 4.3
#include <cpuid.h>
#define CALL_CPUID(type, out) \
do { __get_cpuid(type, out, out+1, out+2, out+3); } while(0);
+#else
+ #warning "No method of calling CPUID for this compiler"
#endif
#endif
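Review bot: Replacing `defined(BOTAN_BUILD_COMPILER_IS_GCC) && ...` with `#elif BOTAN_GCC_VERSION >= 430` drops the compiler-identity check: BOTAN_GCC_VERSION is derived from `__GNUC__`, which several non-GCC compilers also define for compatibility, so this branch is now selected by version number alone and would include `<cpuid.h>` on any compiler claiming GCC 4.3 compatibility whether or not it ships that header. Keeping `#elif defined(BOTAN_BUILD_COMPILER_IS_GCC) && BOTAN_GCC_VERSION >= 430` preserves the old gate while still using the new macro. The `#warning` added in the `#else` branch is a GCC extension; on a compiler that does not recognise the directive it is a hard error rather than a diagnostic, and whether such a compiler can reach this branch depends on the enclosing `#if` chain, which starts before this hunk. The test also presumes BOTAN_GCC_VERSION is already defined at this point via the generated build header from buildh.in; if it is not, the `#elif` compares an undefined macro that evaluates to 0 and silently falls through to the `#else`.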