diff --git a/.gitignore b/.gitignore index 60a3b4e..a5716d2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ # Files to ignore by git # -# Version: 20200912 +# Version: 20230405 # Generic auto-generated build files *~ @@ -82,6 +82,7 @@ stamp-h[1-9] /m4/ltsugar.m4 /m4/ltversion.m4 /m4/nls.m4 +/m4/pkg.m4 /m4/po.m4 /m4/printf-posix.m4 /m4/progtest.m4 diff --git a/autogen.sh b/autogen.sh index 48276a3..83f54ea 100755 --- a/autogen.sh +++ b/autogen.sh @@ -1,7 +1,7 @@ #!/bin/sh # Script to generate ./configure using the autotools # -# Version: 20220709 +# Version: 20230405 EXIT_SUCCESS=0; EXIT_FAILURE=1; @@ -133,7 +133,7 @@ else exit $?; fi - ${ACLOCAL} --force -I m4; + ${ACLOCAL} --force --install -I m4; if test $? -ne 0; then exit $?; diff --git a/configure.ac b/configure.ac index d24441d..2296ba6 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ AC_PREREQ([2.71]) AC_INIT( [libhmac], - [20230205], + [20230407], [joachim.metz@gmail.com]) AC_CONFIG_SRCDIR( diff --git a/libhmac/libhmac_md5_context.c b/libhmac/libhmac_md5_context.c index f8038d5..58f59e8 100644 --- a/libhmac/libhmac_md5_context.c +++ b/libhmac/libhmac_md5_context.c @@ -40,8 +40,6 @@ #if !defined( LIBHMAC_HAVE_MD5_SUPPORT ) -#define LIBHMAC_MD5_BLOCK_SIZE 64 - /* RFC 1321 based MD5 functions */ @@ -857,6 +855,17 @@ int libhmac_md5_context_update( } if( internal_context->block_offset > 0 ) { + if( internal_context->block_offset >= LIBHMAC_MD5_BLOCK_SIZE ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, + "%s: invalid context - block offset value out of bounds.", + function ); + + return( -1 ); + } remaining_block_size = LIBHMAC_MD5_BLOCK_SIZE - internal_context->block_offset; if( remaining_block_size > size ) diff --git a/libhmac/libhmac_md5_context.h b/libhmac/libhmac_md5_context.h index e413e16..87891ec 100644 --- a/libhmac/libhmac_md5_context.h +++ b/libhmac/libhmac_md5_context.h @@ -48,6 +48,8 @@ extern "C" { #endif +#define LIBHMAC_MD5_BLOCK_SIZE 64 + typedef struct libhmac_internal_md5_context libhmac_internal_md5_context_t; struct libhmac_internal_md5_context @@ -81,7 +83,7 @@ struct libhmac_internal_md5_context /* The (data) block */ - uint8_t block[ 128 ]; + uint8_t block[ 2 * LIBHMAC_MD5_BLOCK_SIZE ]; #endif /* defined( HAVE_LIBCRYPTO ) && defined( HAVE_OPENSSL_MD5_H ) && defined( MD5_DIGEST_LENGTH ) */ }; diff --git a/libhmac/libhmac_sha1_context.c b/libhmac/libhmac_sha1_context.c index 073db14..19d2638 100644 --- a/libhmac/libhmac_sha1_context.c +++ b/libhmac/libhmac_sha1_context.c @@ -39,8 +39,6 @@ #if !defined( LIBHMAC_HAVE_SHA1_SUPPORT ) -#define LIBHMAC_SHA1_BLOCK_SIZE 64 - /* RFC 3174/FIPS 180-1 based SHA-1 functions */ @@ -930,6 +928,17 @@ int libhmac_sha1_context_update( } if( internal_context->block_offset > 0 ) { + if( internal_context->block_offset >= LIBHMAC_SHA1_BLOCK_SIZE ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, + "%s: invalid context - block offset value out of bounds.", + function ); + + return( -1 ); + } remaining_block_size = LIBHMAC_SHA1_BLOCK_SIZE - internal_context->block_offset; if( remaining_block_size > size ) diff --git a/libhmac/libhmac_sha1_context.h b/libhmac/libhmac_sha1_context.h index 6eb9bd0..be89bd5 100644 --- a/libhmac/libhmac_sha1_context.h +++ b/libhmac/libhmac_sha1_context.h @@ -48,6 +48,8 @@ extern "C" { #endif +#define LIBHMAC_SHA1_BLOCK_SIZE 64 + typedef struct libhmac_internal_sha1_context libhmac_internal_sha1_context_t; struct libhmac_internal_sha1_context @@ -81,7 +83,7 @@ struct libhmac_internal_sha1_context /* The (data) block */ - uint8_t block[ 128 ]; + uint8_t block[ 2 * LIBHMAC_SHA1_BLOCK_SIZE ]; #endif /* defined( HAVE_LIBCRYPTO ) && defined( HAVE_OPENSSL_SHA_H ) && defined( SHA_DIGEST_LENGTH ) */ }; diff --git a/libhmac/libhmac_sha224_context.c b/libhmac/libhmac_sha224_context.c index e119d94..4ea42fb 100644 --- a/libhmac/libhmac_sha224_context.c +++ b/libhmac/libhmac_sha224_context.c @@ -39,8 +39,6 @@ #if !defined( LIBHMAC_HAVE_SHA224_SUPPORT ) -#define LIBHMAC_SHA224_BLOCK_SIZE 64 - /* FIPS 180-2 based SHA-224 functions */ @@ -889,6 +887,17 @@ int libhmac_sha224_context_update( } if( internal_context->block_offset > 0 ) { + if( internal_context->block_offset >= LIBHMAC_SHA224_BLOCK_SIZE ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, + "%s: invalid context - block offset value out of bounds.", + function ); + + return( -1 ); + } remaining_block_size = LIBHMAC_SHA224_BLOCK_SIZE - internal_context->block_offset; if( remaining_block_size > size ) diff --git a/libhmac/libhmac_sha224_context.h b/libhmac/libhmac_sha224_context.h index 4924bf6..e644224 100644 --- a/libhmac/libhmac_sha224_context.h +++ b/libhmac/libhmac_sha224_context.h @@ -48,6 +48,8 @@ extern "C" { #endif +#define LIBHMAC_SHA224_BLOCK_SIZE 64 + typedef struct libhmac_internal_sha224_context libhmac_internal_sha224_context_t; struct libhmac_internal_sha224_context @@ -81,7 +83,7 @@ struct libhmac_internal_sha224_context /* The (data) block */ - uint8_t block[ 128 ]; + uint8_t block[ 2 * LIBHMAC_SHA224_BLOCK_SIZE ]; #endif /* defined( HAVE_LIBCRYPTO ) && defined( HAVE_OPENSSL_SHA_H ) && defined( SHA224_DIGEST_LENGTH ) */ }; diff --git a/libhmac/libhmac_sha256_context.c b/libhmac/libhmac_sha256_context.c index b971b28..50288fd 100644 --- a/libhmac/libhmac_sha256_context.c +++ b/libhmac/libhmac_sha256_context.c @@ -39,8 +39,6 @@ #if !defined( LIBHMAC_HAVE_SHA256_SUPPORT ) -#define LIBHMAC_SHA256_BLOCK_SIZE 64 - /* FIPS 180-2 based SHA-256 functions */ @@ -889,6 +887,17 @@ int libhmac_sha256_context_update( } if( internal_context->block_offset > 0 ) { + if( internal_context->block_offset >= LIBHMAC_SHA256_BLOCK_SIZE ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, + "%s: invalid context - block offset value out of bounds.", + function ); + + return( -1 ); + } remaining_block_size = LIBHMAC_SHA256_BLOCK_SIZE - internal_context->block_offset; if( remaining_block_size > size ) diff --git a/libhmac/libhmac_sha256_context.h b/libhmac/libhmac_sha256_context.h index 87cbe57..b5ecd7f 100644 --- a/libhmac/libhmac_sha256_context.h +++ b/libhmac/libhmac_sha256_context.h @@ -48,6 +48,8 @@ extern "C" { #endif +#define LIBHMAC_SHA256_BLOCK_SIZE 64 + typedef struct libhmac_internal_sha256_context libhmac_internal_sha256_context_t; struct libhmac_internal_sha256_context @@ -81,7 +83,7 @@ struct libhmac_internal_sha256_context /* The (data) block */ - uint8_t block[ 128 ]; + uint8_t block[ 2 * LIBHMAC_SHA256_BLOCK_SIZE ]; #endif /* defined( HAVE_LIBCRYPTO ) && defined( HAVE_OPENSSL_SHA_H ) && defined( SHA256_DIGEST_LENGTH ) */ }; diff --git a/libhmac/libhmac_sha512_context.c b/libhmac/libhmac_sha512_context.c index 7c0fef1..0c50049 100644 --- a/libhmac/libhmac_sha512_context.c +++ b/libhmac/libhmac_sha512_context.c @@ -39,8 +39,6 @@ #if !defined( LIBHMAC_HAVE_SHA512_SUPPORT ) -#define LIBHMAC_SHA512_BLOCK_SIZE 128 - /* FIPS 180-2 based SHA-512 functions */ @@ -925,6 +923,17 @@ int libhmac_sha512_context_update( } if( internal_context->block_offset > 0 ) { + if( internal_context->block_offset >= LIBHMAC_SHA512_BLOCK_SIZE ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, + "%s: invalid context - block offset value out of bounds.", + function ); + + return( -1 ); + } remaining_block_size = LIBHMAC_SHA512_BLOCK_SIZE - internal_context->block_offset; if( remaining_block_size > size ) diff --git a/libhmac/libhmac_sha512_context.h b/libhmac/libhmac_sha512_context.h index e65921d..179351d 100644 --- a/libhmac/libhmac_sha512_context.h +++ b/libhmac/libhmac_sha512_context.h @@ -48,6 +48,8 @@ extern "C" { #endif +#define LIBHMAC_SHA512_BLOCK_SIZE 128 + typedef struct libhmac_internal_sha512_context libhmac_internal_sha512_context_t; struct libhmac_internal_sha512_context @@ -81,7 +83,7 @@ struct libhmac_internal_sha512_context /* The (data) block */ - uint8_t block[ 128 ]; + uint8_t block[ 2 * LIBHMAC_SHA512_BLOCK_SIZE ]; #endif /* defined( HAVE_LIBCRYPTO ) && defined( HAVE_OPENSSL_SHA_H ) && defined( SHA512_DIGEST_LENGTH ) */ }; diff --git a/manuals/libhmac.3 b/manuals/libhmac.3 index b510262..a181886 100644 --- a/manuals/libhmac.3 +++ b/manuals/libhmac.3 @@ -1,4 +1,4 @@ -.Dd February 5, 2023 +.Dd April 7, 2023 .Dt libhmac 3 .Os libhmac .Sh NAME @@ -55,7 +55,7 @@ SHA1 functions .Ft int .Fn libhmac_sha1_calculate_hmac "const uint8_t *key" "size_t key_size" "const uint8_t *buffer" "size_t size" "uint8_t *hmac" "size_t hmac_size" "libhmac_error_t **error" .Pp -SHA-224 functions +SHA-224 context functions .Ft int .Fn libhmac_sha224_context_initialize "libhmac_sha224_context_t **context" "libhmac_error_t **error" .Ft int diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 0000000..1ded777 --- /dev/null +++ b/setup.cfg @@ -0,0 +1,2 @@ +[metadata] +license_files = COPYING COPYING.LESSER diff --git a/tests/test_md5sum.sh b/tests/test_md5sum.sh index d4012cf..0e295f3 100755 --- a/tests/test_md5sum.sh +++ b/tests/test_md5sum.sh @@ -1,7 +1,7 @@ #!/bin/bash # Sum tool testing script # -# Version: 20200821 +# Version: 20230408 EXIT_SUCCESS=0; EXIT_FAILURE=1; @@ -21,7 +21,7 @@ test_callback() shift 5; local ARGUMENTS=("$@"); - run_test_with_input_and_arguments "${TEST_EXECUTABLE}" "-d md5" "${INPUT_FILE}" > ${TMPDIR}/hmacsum; + run_test_with_input_and_arguments "${TEST_EXECUTABLE}" "${INPUT_FILE}" -dmd5 > ${TMPDIR}/hmacsum; local RESULT=$?; # Note that the $'' string notation is needed for Mac OS to correctly interpret the tabs. @@ -35,7 +35,7 @@ test_callback() else VERIFICATION_DIGEST_HASH=`md5sum ${INPUT_FILE} | sed 's/[ ][ ]*[^ ][^ ]*$//'`; fi - if test ${DIGEST_HASH} != ${VERIFICATION_DIGEST_HASH}; + if test "${DIGEST_HASH}" != "${VERIFICATION_DIGEST_HASH}"; then RESULT=${EXIT_FAILURE}; fi diff --git a/tests/test_sha1sum.sh b/tests/test_sha1sum.sh index cec8ab3..7e41a41 100755 --- a/tests/test_sha1sum.sh +++ b/tests/test_sha1sum.sh @@ -1,7 +1,7 @@ #!/bin/bash # Sum tool testing script # -# Version: 20200821 +# Version: 20230408 EXIT_SUCCESS=0; EXIT_FAILURE=1; @@ -21,11 +21,13 @@ test_callback() shift 5; local ARGUMENTS=("$@"); - run_test_with_input_and_arguments "${TEST_EXECUTABLE}" "-d sha1" "${INPUT_FILE}" > ${TMPDIR}/hmacsum; + run_test_with_input_and_arguments "${TEST_EXECUTABLE}" "${INPUT_FILE}" -dsha1 > ${TMPDIR}/hmacsum; local RESULT=$?; DIGEST_HASH=`cat ${TMPDIR}/hmacsum | grep "SHA1" | sed 's/^[^:]*[:][\t][\t]*//'`; + cp ${TMPDIR}/hmacsum /tmp/ + if test ${RESULT} -eq ${EXIT_SUCCESS}; then if test "${PLATFORM}" = "Darwin"; @@ -34,7 +36,7 @@ test_callback() else VERIFICATION_DIGEST_HASH=`sha1sum ${INPUT_FILE} | sed 's/[ ][ ]*[^ ][^ ]*$//'`; fi - if test ${DIGEST_HASH} != ${VERIFICATION_DIGEST_HASH}; + if test "${DIGEST_HASH}" != "${VERIFICATION_DIGEST_HASH}"; then RESULT=${EXIT_FAILURE}; fi diff --git a/tests/test_sha2sum.sh b/tests/test_sha2sum.sh index aea0691..9544230 100755 --- a/tests/test_sha2sum.sh +++ b/tests/test_sha2sum.sh @@ -1,7 +1,7 @@ #!/bin/bash # Sum tool testing script # -# Version: 20200821 +# Version: 20230408 EXIT_SUCCESS=0; EXIT_FAILURE=1; @@ -21,7 +21,7 @@ test_callback() shift 5; local ARGUMENTS=("$@"); - run_test_with_input_and_arguments "${TEST_EXECUTABLE}" "-d sha224,sha256,sha512" "${INPUT_FILE}" > ${TMPDIR}/hmacsum; + run_test_with_input_and_arguments "${TEST_EXECUTABLE}" "${INPUT_FILE}" -dsha224,sha256,sha512 > ${TMPDIR}/hmacsum; local RESULT=$?; DIGEST_HASH=`cat ${TMPDIR}/hmacsum | grep "SHA224" | sed 's/^[^:]*[:][\t][\t]*//'`; @@ -34,7 +34,7 @@ test_callback() else VERIFICATION_DIGEST_HASH=`sha224sum ${INPUT_FILE} | sed 's/[ ][ ]*[^ ][^ ]*$//'`; fi - if test ${DIGEST_HASH} != ${VERIFICATION_DIGEST_HASH}; + if test "${DIGEST_HASH}" != "${VERIFICATION_DIGEST_HASH}"; then RESULT=${EXIT_FAILURE}; fi @@ -50,7 +50,7 @@ test_callback() else VERIFICATION_DIGEST_HASH=`sha256sum ${INPUT_FILE} | sed 's/[ ][ ]*[^ ][^ ]*$//'`; fi - if test ${DIGEST_HASH} != ${VERIFICATION_DIGEST_HASH}; + if test "${DIGEST_HASH}" != "${VERIFICATION_DIGEST_HASH}"; then RESULT=${EXIT_FAILURE}; fi @@ -66,7 +66,7 @@ test_callback() else VERIFICATION_DIGEST_HASH=`sha512sum ${INPUT_FILE} | sed 's/[ ][ ]*[^ ][^ ]*$//'`; fi - if test ${DIGEST_HASH} != ${VERIFICATION_DIGEST_HASH}; + if test "${DIGEST_HASH}" != "${VERIFICATION_DIGEST_HASH}"; then RESULT=${EXIT_FAILURE}; fi diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..df530a0 --- /dev/null +++ b/tox.ini @@ -0,0 +1,15 @@ +[tox] +envlist = py3{7,8,9,10,11} + +[testenv] +usedevelop = True +allowlist_externals = ./setup.py +pip_pre = True +passenv = + CFLAGS + CPPFLAGS + INCLUDE + LDFLAGS + LIB +commands = + ./setup.py bdist_wheel