Diffstat (limited to 'src')
-rw-r--r-- | src/block/idea/idea.cpp | 23 | ||||
-rw-r--r-- | src/build-data/buildh.in | 7 | ||||
-rw-r--r-- | src/build-data/os/aix.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/beos.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/cygwin.txt | 12 | ||||
-rw-r--r-- | src/build-data/os/darwin.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/dragonfly.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/freebsd.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/hpux.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/hurd.txt | 5 | ||||
-rw-r--r-- | src/build-data/os/irix.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/linux.txt | 5 | ||||
-rw-r--r-- | src/build-data/os/mingw.txt | 2 | ||||
-rw-r--r-- | src/build-data/os/netbsd.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/openbsd.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/qnx.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/solaris.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/tru64.txt | 4 | ||||
-rw-r--r-- | src/build-data/os/windows.txt | 4 | ||||
-rw-r--r-- | src/pk_pad/eme1/eme1.cpp | 40 | ||||
-rw-r--r-- | src/utils/cpuid.cpp | 5 |
21 files changed, 59 insertions, 92 deletions
diff --git a/src/block/idea/idea.cpp b/src/block/idea/idea.cpp
index 15ff7c0ec..0c5dfed42 100644
--- a/src/block/idea/idea.cpp
+++ b/src/block/idea/idea.cpp
@@ -1,6 +1,6 @@
 /*
 * IDEA
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
@@ -17,15 +17,18 @@ namespace {
 */
 inline u16bit mul(u16bit x, u16bit y)
 {
- if(x && y)
- {
- u32bit T = static_cast<u32bit>(x) * y;
- x = static_cast<u16bit>(T >> 16);
- y = static_cast<u16bit>(T & 0xFFFF);
- return static_cast<u16bit>(y - x + ((y < x) ? 1 : 0));
- }
- else
- return static_cast<u16bit>(1 - x - y);
+ const u32bit P = static_cast<u32bit>(x) * y;
+
+ // P ? 0xFFFF : 0
+ const u16bit P_mask = !P - 1;
+
+ const u32bit P_hi = P >> 16;
+ const u32bit P_lo = P & 0xFFFF;
+
+ const u16bit r_1 = (P_lo - P_hi) + (P_lo < P_hi);
+ const u16bit r_2 = 1 - x - y;
+
+ return (r_1 & P_mask) | (r_2 & ~P_mask);
 }
 
 /*
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index 724801040..90d274d58 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -35,6 +35,13 @@
 #define BOTAN_USE_GCC_INLINE_ASM 0
 #endif
 
+#ifdef __GNUC__
+ #define BOTAN_GCC_VERSION \
+ (__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCH__)
+#else
+ #define BOTAN_GCC_VERSION 0
+#endif
+
 /* Target identification and feature test macros */
 %{target_os_defines}
 
diff --git a/src/build-data/os/aix.txt b/src/build-data/os/aix.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/aix.txt
+++ b/src/build-data/os/aix.txt
@@ -3,7 +3,3 @@ os_type unix
 <target_features>
 gettimeofday
 </target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/beos.txt b/src/build-data/os/beos.txt
index f6a06b7af..4a16b6326 100644
--- a/src/build-data/os/beos.txt
+++ b/src/build-data/os/beos.txt
@@ -9,10 +9,6 @@ doc_dir documentation
 gettimeofday
 </target_features>
 
-<supports_shared>
-all
-</supports_shared>
-
 <aliases>
 haiku
 </aliases>
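Review bot: The new mul() is branch-free on purpose, but nothing in the hunk records that, so a later cleanup could legitimately fold `P_mask` back into `if(x && y)` and reintroduce the operand-dependent timing this rewrite removes. Suggest a comment on the function: `// Written without branches so that a zero operand (the P == 0 case) is not distinguishable by timing; keep the mask select.` The property is also only as good as the code the compiler emits for `!P - 1` and the final mask select, which it may turn back into a conditional jump, and it presumes a constant-time 16x16 multiply, which not every core provides; checking the generated assembly on the release targets would back the claim. mul() is complete within the hunk.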
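Review bot: `__GNUC_PATCH__` in the new BOTAN_GCC_VERSION definition is not a macro GCC predefines; the patch level is `__GNUC_PATCHLEVEL__`. Inside a `#if`/`#elif` an unknown identifier evaluates to 0, so version tests such as `BOTAN_GCC_VERSION >= 430` still work by accident, but the macro would fail to compile if it were ever expanded in ordinary code. Change the line to `(__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCHLEVEL__)`. The decimal packing also assumes minor and patch numbers below 10, since a minor of 10 or more would collide with the next major; that may be fine for the versions targeted here but deserves a one-line comment.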
diff --git a/src/build-data/os/cygwin.txt b/src/build-data/os/cygwin.txt index f7c1f49ed..9ec86736d 100644 --- a/src/build-data/os/cygwin.txt +++ b/src/build-data/os/cygwin.txt @@ -1,15 +1,13 @@ os_type unix +# Cygwin supports shared libs fine, but there are problems with making a Botan +# shared library when libraries it depends on are static-only (such as libz). +# So until I can figure out a work-around, it's disabled. +build_shared no + install_root c:\Botan doc_dir docs <target_features> gettimeofday </target_features> - -# Cygwin supports shared libs fine, but there are problems with making a Botan -# shared library when libraries it depends on are static-only (such as libz). -# So until I can figure out a work-around, it's disabled. -<supports_shared> -#all -</supports_shared> diff --git a/src/build-data/os/darwin.txt b/src/build-data/os/darwin.txt index af60e1bed..b63abf32c 100644 --- a/src/build-data/os/darwin.txt +++ b/src/build-data/os/darwin.txt @@ -12,10 +12,6 @@ doc_dir doc gettimeofday </target_features> -<supports_shared> -all -</supports_shared> - <aliases> macosx </aliases> diff --git a/src/build-data/os/dragonfly.txt b/src/build-data/os/dragonfly.txt index 7a002a65d..ff8f41d2a 100644 --- a/src/build-data/os/dragonfly.txt +++ b/src/build-data/os/dragonfly.txt @@ -5,7 +5,3 @@ clock_gettime gettimeofday posix_mlock </target_features> - -<supports_shared> -all -</supports_shared> diff --git a/src/build-data/os/freebsd.txt b/src/build-data/os/freebsd.txt index 3bcf58d62..14e6c63e2 100644 --- a/src/build-data/os/freebsd.txt +++ b/src/build-data/os/freebsd.txt @@ -4,7 +4,3 @@ os_type unix posix_mlock gettimeofday </target_features> - -<supports_shared> -all -</supports_shared> diff --git a/src/build-data/os/hpux.txt b/src/build-data/os/hpux.txt index e7aa30e9c..19c230d77 100644 --- a/src/build-data/os/hpux.txt +++ b/src/build-data/os/hpux.txt 
@@ -6,10 +6,6 @@ so_suffix sl gettimeofday </target_features> -<supports_shared> -all -</supports_shared> - <aliases> hp-ux </aliases> diff --git a/src/build-data/os/hurd.txt b/src/build-data/os/hurd.txt index f0ab18a98..e3906f63a 100644 --- a/src/build-data/os/hurd.txt +++ b/src/build-data/os/hurd.txt @@ -4,11 +4,6 @@ os_type unix posix_mlock </target_features> -# Is this correct? -<supports_shared> -all -</supports_shared> - <aliases> gnu </aliases> diff --git a/src/build-data/os/irix.txt b/src/build-data/os/irix.txt index 312377096..369b720c4 100644 --- a/src/build-data/os/irix.txt +++ b/src/build-data/os/irix.txt @@ -3,7 +3,3 @@ os_type unix <target_features> gettimeofday </target_features> - -<supports_shared> -all -</supports_shared> diff --git a/src/build-data/os/linux.txt b/src/build-data/os/linux.txt index 2f59fb9d1..8bfacd4c9 100644 --- a/src/build-data/os/linux.txt +++ b/src/build-data/os/linux.txt @@ -6,8 +6,3 @@ gettimeofday posix_mlock gmtime_r </target_features> - -# Is this correct? -<supports_shared> -all -</supports_shared> diff --git a/src/build-data/os/mingw.txt b/src/build-data/os/mingw.txt index 1b30e0b3a..08f85b4db 100644 --- a/src/build-data/os/mingw.txt +++ b/src/build-data/os/mingw.txt @@ -4,6 +4,8 @@ obj_suffix o so_suffix dll static_suffix a +build_shared no + ar_command "ar crs" ar_needs_ranlib yes diff --git a/src/build-data/os/netbsd.txt b/src/build-data/os/netbsd.txt index 312377096..369b720c4 100644 --- a/src/build-data/os/netbsd.txt +++ b/src/build-data/os/netbsd.txt @@ -3,7 +3,3 @@ os_type unix <target_features> gettimeofday </target_features> - -<supports_shared> -all -</supports_shared> diff --git a/src/build-data/os/openbsd.txt b/src/build-data/os/openbsd.txt index 312377096..369b720c4 100644 --- a/src/build-data/os/openbsd.txt +++ b/src/build-data/os/openbsd.txt @@ -3,7 +3,3 @@ os_type unix <target_features> gettimeofday </target_features> - -<supports_shared> -all -</supports_shared> 
diff --git a/src/build-data/os/qnx.txt b/src/build-data/os/qnx.txt
index 312377096..369b720c4 100644
--- a/src/build-data/os/qnx.txt
+++ b/src/build-data/os/qnx.txt
@@ -3,7 +3,3 @@ os_type unix
 <target_features>
 gettimeofday
 </target_features>
-
-<supports_shared>
-all
-</supports_shared>
diff --git a/src/build-data/os/solaris.txt b/src/build-data/os/solaris.txt
index df951d4fc..47e7bccbc 100644
--- a/src/build-data/os/solaris.txt
+++ b/src/build-data/os/solaris.txt
@@ -5,10 +5,6 @@ posix_mlock
 gettimeofday
 </target_features>
 
-<supports_shared>
-all
-</supports_shared>
-
 <aliases>
 sunos
 </aliases>
diff --git a/src/build-data/os/tru64.txt b/src/build-data/os/tru64.txt
index 677c38955..a442743bc 100644
--- a/src/build-data/os/tru64.txt
+++ b/src/build-data/os/tru64.txt
@@ -4,10 +4,6 @@ os_type unix
 gettimeofday
 </target_features>
 
-<supports_shared>
-all
-</supports_shared>
-
 <aliases>
 osf1
 </aliases>
diff --git a/src/build-data/os/windows.txt b/src/build-data/os/windows.txt
index 23838eb6d..2d435535c 100644
--- a/src/build-data/os/windows.txt
+++ b/src/build-data/os/windows.txt
@@ -17,10 +17,6 @@ win32_query_perf_counter
 win32_virtual_lock
 </target_features>
 
-<supports_shared>
-all
-</supports_shared>
-
 <aliases>
 win32
 MSWin32
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp
index d99ffaf58..9eab16d6c 100644
--- a/src/pk_pad/eme1/eme1.cpp
+++ b/src/pk_pad/eme1/eme1.cpp
@@ -1,12 +1,13 @@
 /*
-* EME1
-* (C) 1999-2007 Jack Lloyd
+* EME1 (aka OAEP)
+* (C) 1999-2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
 
 #include <botan/eme1.h>
 #include <botan/mgf1.h>
+#include <botan/mem_ops.h>
 #include <memory>
 
 namespace Botan {
@@ -50,11 +51,17 @@ SecureVector<byte> EME1::unpad(const byte in[], u32bit in_length, find the secret key, as described in "A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0", James Manger, Crypto 2001 + + Also have to be careful about timing attacks! Pointed out by Falko + Strenzke. */ key_length /= 8; + + // Invalid input: truncate to zero length input, causing later + // checks to fail if(in_length > key_length) - throw Decoding_Error("Invalid EME1 encoding"); + in_length = 0; SecureVector<byte> tmp(key_length); tmp.copy(key_length - in_length, in, in_length); @@ -62,20 +69,29 @@ SecureVector<byte> EME1::unpad(const byte in[], u32bit in_length, mgf->mask(tmp + HASH_LENGTH, tmp.size() - HASH_LENGTH, tmp, HASH_LENGTH); mgf->mask(tmp, HASH_LENGTH, tmp + HASH_LENGTH, tmp.size() - HASH_LENGTH); - for(u32bit j = 0; j != Phash.size(); ++j) - if(tmp[j+HASH_LENGTH] != Phash[j]) - throw Decoding_Error("Invalid EME1 encoding"); + const bool phash_ok = same_mem(&tmp[HASH_LENGTH], &Phash[0], Phash.size()); - for(u32bit j = HASH_LENGTH + Phash.size(); j != tmp.size(); ++j) + bool delim_ok = true; + u32bit delim_idx = 0; + + // Is this vulnerable to timing attacks? + for(u32bit i = HASH_LENGTH + Phash.size(); i != tmp.size(); ++i) { - if(tmp[j] && tmp[j] != 0x01) - throw Decoding_Error("Invalid EME1 encoding"); - if(tmp[j] && tmp[j] == 0x01) + if(tmp[i] && !delim_idx) { - SecureVector<byte> retval(tmp + j + 1, tmp.size() - j - 1); - return retval; + if(tmp[i] == 0x01) + delim_idx = i; + else + delim_ok = false; } } + + if(delim_idx && delim_ok && phash_ok) + { + return SecureVector<byte>(tmp + delim_idx + 1, + tmp.size() - delim_idx - 1); + } + throw Decoding_Error("Invalid EME1 encoding"); } diff --git a/src/utils/cpuid.cpp b/src/utils/cpuid.cpp index 8d801b75f..19a2db788 100644 --- a/src/utils/cpuid.cpp +++ b/src/utils/cpuid.cpp 
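Review bot: The comment `// Invalid input: truncate to zero length input, causing later checks to fail` promises more than the code guarantees: with in_length forced to 0 the buffer is all zeros, and the later Phash and delimiter tests then fail only because the MGF1 output is unlikely to match, not by construction. Carry the length check as a flag and AND it into the final accept decision, for instance `const bool length_ok = (in_length <= key_length); if(!length_ok) in_length = 0;`, then test it alongside phash_ok where the result is returned; that makes rejection certain while keeping the single exit path this change is after. EME1::unpad begins before this hunk.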
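Review bot: The scan loop answers its own `// Is this vulnerable to timing attacks?` comment: `if(tmp[i] && !delim_idx)` and the nested `tmp[i] == 0x01` test do different work depending on the data, so the position of the 0x01 delimiter (the plaintext length) and whether a bad byte preceded it are exposed through timing even though the iteration count is fixed; the final `throw` versus `return` is unavoidable, but the loop need not leak the reason. The mask technique this same commit uses in idea.cpp makes every iteration do identical work, as sketched below (compilers may still emit branches for the comparisons, so the generated code deserves a look). Separately, `same_mem(&tmp[HASH_LENGTH], &Phash[0], Phash.size())` indexes Phash even when it is empty; if an empty label is permitted, confirm SecureVector tolerates `&Phash[0]` at size 0. The enclosing function starts before this hunk.
```cpp
   const bool phash_ok = same_mem(&tmp[HASH_LENGTH], &Phash[0], Phash.size());

   // Same work every iteration: masks replace the data-dependent branches
   u32bit delim_idx = 0;
   u32bit seen_delim = 0;  // 0 until the first 0x01, then all ones
   u32bit bad_byte = 0;    // all ones if a byte other than 0x00/0x01 precedes the delimiter

   for(u32bit i = HASH_LENGTH + Phash.size(); i != tmp.size(); ++i)
      {
      const u32bit nonzero = !tmp[i] - 1;          // all ones if tmp[i] != 0
      const u32bit is_one = (tmp[i] != 0x01) - 1;  // all ones if tmp[i] == 0x01

      delim_idx |= i & is_one & ~seen_delim;       // only the first 0x01 counts
      bad_byte |= nonzero & ~is_one & ~seen_delim;
      seen_delim |= is_one;
      }

   if(delim_idx && !bad_byte && phash_ok)
      {
      // … unchanged: return the bytes after the delimiter …
      }

   throw Decoding_Error("Invalid EME1 encoding");
```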
@@ -26,12 +26,15 @@ #include <ia32intrin.h> #define CALL_CPUID(type, out) do { __cpuid(out, type); } while(0); -#elif defined(BOTAN_BUILD_COMPILER_IS_GCC) +#elif BOTAN_GCC_VERSION >= 430 + // Only available starting in GCC 4.3 #include <cpuid.h> #define CALL_CPUID(type, out) \ do { __get_cpuid(type, out, out+1, out+2, out+3); } while(0); +#else + #warning "No method of calling CPUID for this compiler" #endif #endif |
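Review bot: The new `#elif BOTAN_GCC_VERSION >= 430` excludes compilers that define __GNUC__ for compatibility but report an old GCC version; clang, for example, identifies itself as GCC 4.2, so with this change it reaches the `#warning` branch and gets no CALL_CPUID even where it provides <cpuid.h>. Consider `#elif defined(__clang__) || BOTAN_GCC_VERSION >= 430` so those builds keep CPUID detection. The `#warning` fallback also leaves CALL_CPUID undefined, so any later use of it in this file fails at that use rather than here; if the rest of the file (outside the hunk) calls it unconditionally, a comment at the `#else` saying so would help whoever hits the resulting error.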