diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 587c332..1f75449 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,6 +13,15 @@ permissions: contents: read jobs: + check-format: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: clang-format check + uses: jidicula/clang-format-action@v4.11.0 + with: + clang-format-version: '17' + include-regex: '^\./(app|examples|include|perf|src|test)/.*\.(c|h)$' minimal: runs-on: ubuntu-latest steps: @@ -20,17 +29,18 @@ jobs: - name: install packages run: | sudo apt-get update - sudo apt-get -y install cmake python3 python3-pip python3-pytest - # TODO - # because of local development using act forbidden by firewall, - # install cmake manually and simplify python & pytest env setup + sudo apt-get -y install cmake python3 python3-pip - name: Configure CMake run: cmake -B ${{github.workspace}}/build - name: Build run: cmake --build ${{github.workspace}}/build - name: Test working-directory: ${{github.workspace}}/build - run: ctest -C ${{env.BUILD_TYPE}} + run: | + python3 -m venv ${{github.workspace}}/.venv + source ${{github.workspace}}/.venv/bin/activate + pip3 install -r ${{github.workspace}}/test/requirements.txt + ctest -C ${{env.BUILD_TYPE}} - name: debug if: ${{ failure() }} run: | 
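Review bot: In the new `check-format` job, `uses: jidicula/clang-format-action@v4.11.0` pins a third-party action by tag, and a tag can be moved by the action's owner after review. Pin it to the full commit SHA and keep the tag as a trailing comment, e.g. `uses: jidicula/clang-format-action@<full-commit-sha>  # v4.11.0`. The job inherits the workflow-level `permissions: contents: read` shown in the context lines, which limits what a compromised action could do with the token, but it still runs on the checked-out tree. The same applies to `actions/checkout@v4` if the project wants uniform pinning.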
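Review bot: The rewritten `Test` step runs `pip3 install -r ${{github.workspace}}/test/requirements.txt` on every run, so the test toolchain now comes from PyPI at CI time instead of the distro's `python3-pytest`. `test/requirements.txt` is not part of this diff, so it is not visible whether versions are pinned. If they are not, pin exact versions with hashes and install with `pip3 install --require-hashes -r ${{github.workspace}}/test/requirements.txt`. `python3 -m venv` on Debian/Ubuntu normally needs the `python3-venv` package, which the `apt-get install` line does not request; it presumably works only because the hosted image already ships it. The same four-line block is repeated in the hunks at `@@ -41,20 +51,24 @@` and `@@ -67,14 +81,18 @@` and in compiler-zoo.yml at `@@ -104,16 +105,18 @@`; a shared script or composite action would keep the four copies in step.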
@@ -41,20 +51,24 @@ jobs: strategy: fail-fast: false matrix: - module: [asn1, sm3, sm4, ascon] + module: [ascon, asn1, hmac, oscore, sm3, sm4] steps: - uses: actions/checkout@v3 - name: install packages run: | sudo apt-get update - sudo apt-get -y install cmake python3 python3-pip python3-pytest + sudo apt-get -y install cmake python3 python3-pip - name: Configure CMake run: cmake -B ${{github.workspace}}/build -DWITH_${{matrix.module}}=ON - name: Build run: cmake --build ${{github.workspace}}/build - name: Test working-directory: ${{github.workspace}}/build - run: ctest -C ${{env.BUILD_TYPE}} + run: | + python3 -m venv ${{github.workspace}}/.venv + source ${{github.workspace}}/.venv/bin/activate + pip3 install -r ${{github.workspace}}/test/requirements.txt + ctest -C ${{env.BUILD_TYPE}} - name: debug if: ${{ failure() }} run: | @@ -67,14 +81,18 @@ jobs: - name: install packages run: | sudo apt-get update - sudo apt-get -y install cmake python3 python3-pip python3-pytest + sudo apt-get -y install cmake python3 python3-pip - name: Configure CMake run: cmake -B ${{github.workspace}}/build -DWITH_ALL=ON - name: Build run: cmake --build ${{github.workspace}}/build - name: Test working-directory: ${{github.workspace}}/build - run: ctest -C ${{env.BUILD_TYPE}} + run: | + python3 -m venv ${{github.workspace}}/.venv + source ${{github.workspace}}/.venv/bin/activate + pip3 install -r ${{github.workspace}}/test/requirements.txt + ctest -C ${{env.BUILD_TYPE}} - name: debug if: ${{ failure() }} run: | diff --git a/.github/workflows/compiler-zoo.yml b/.github/workflows/compiler-zoo.yml index 3f5985b..d151ad0 100644 --- a/.github/workflows/compiler-zoo.yml +++ b/.github/workflows/compiler-zoo.yml @@ -7,7 +7,7 @@ name: Compiler Zoo CI -on: [push] +on: [pull_request, push] permissions: contents: read @@ -79,6 +79,7 @@ jobs: runs-on: ${{ matrix.zoo.distro }} steps: + - uses: actions/checkout@v3 - name: install packages run: | llvm_ppa_name="${{ matrix.zoo.llvm-ppa-name }}" 
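Review bot: The added matrix entries `hmac` and `oscore` are lower-case, so the configure step in this hunk expands to `-DWITH_hmac=ON` and `-DWITH_oscore=ON`, while the README in this commit documents the option as `-DWITH_ASCON=ON`. CMake variable names are case-sensitive. If the options are declared upper-case in CMakeLists.txt (not visible in this diff), these jobs configure with the module switched off and the crypto tests for it never run, yet the job is green. Confirm the case the options use, and if it is upper-case write `module: [ASCON, ASN1, HMAC, OSCORE, SM3, SM4]`. The existing entries have the same exposure.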
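Review bot: The `actions/checkout@v3` step added at the top of `steps:` in compiler-zoo.yml leaves the job token in the local git config by default. With the previous hunk adding `pull_request` to `on:`, this job now builds and runs code from fork pull requests. The workflow-level `permissions: contents: read` keeps that token read-only, but there is no reason to leave it on disk for the build; add `with:` / `persist-credentials: false` under the checkout step. The step also uses `@v3` while the new `check-format` job in ci.yml uses `@v4`; one version, ideally pinned by commit SHA, would be easier to audit. The trigger should stay `pull_request`, not `pull_request_target`, for the same reason.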
@@ -104,16 +105,18 @@ jobs: sudo apt-get update sudo apt-get -y install ${{ matrix.zoo.cc }} - sudo apt-get -y install cmake python3 python3-pytest - - - uses: actions/checkout@v3 + sudo apt-get -y install cmake python3 python3-pip - name: Configure CMake run: cmake -B ${{github.workspace}}/build -D CMAKE_C_COMPILER=${{ matrix.zoo.cc }} -DWITH_ALL=ON - name: Build run: cmake --build ${{github.workspace}}/build - name: Test working-directory: ${{github.workspace}}/build - run: ctest -C ${{env.BUILD_TYPE}} + run: | + python3 -m venv ${{github.workspace}}/.venv + source ${{github.workspace}}/.venv/bin/activate + pip3 install -r ${{github.workspace}}/test/requirements.txt + ctest -C ${{env.BUILD_TYPE}} - name: debug if: ${{ failure() }} run: | diff --git a/CMakeLists.txt b/CMakeLists.txt index 9af904b..8168b00 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,6 +1,6 @@ CMAKE_MINIMUM_REQUIRED(VERSION 2.8.8) -PROJECT(tongsuo-mini) +PROJECT(tongsuo-mini LANGUAGES C) if (MSVC) # warning level 4 and all warnings as errors diff --git a/README.cn.md b/README.cn.md index c900738..f9ce4d4 100644 --- a/README.cn.md +++ b/README.cn.md 
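Review bot: `PROJECT(tongsuo-mini LANGUAGES C)` uses the `LANGUAGES` keyword, which `project()` accepts only from CMake 3.0 on, while the context line above it still declares `CMAKE_MINIMUM_REQUIRED(VERSION 2.8.8)`. On a 2.8.x CMake the word `LANGUAGES` would be taken as a language name and configuration would fail, so the declared minimum no longer matches what the file needs. Either keep the old-style form `PROJECT(tongsuo-mini C)`, which has the same effect, or raise the minimum to `CMAKE_MINIMUM_REQUIRED(VERSION 3.0)`.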
@@ -5,49 +5,64 @@ 铜锁迷你版(tongsuo-mini),中文名称“迷你锁”,是一个轻量级的密码学算法库,专为嵌入式系统和物联网设备等资源受限场景提供常用的密码学算法和安全传输协议,并可以适应超低内存和存储的极限要求。“迷你锁”通过高度模块化,允许用户在编译时只开启需要的功能,不浪费存储空间。 同时,通过紧凑的内存对齐等方式,压缩运行时内存。 -## 构建依赖 - -迷你锁依赖于cmake进行构建,以及python工具链进行自动化测试,具体来说,有: +## 特性 -* cmake -* python - * pytest +迷你锁(tongsuo-mini)提供如下特性: -上述工具在不同操作系统的安装方式也有所不同,请参考对应操作系统的安装说明。以下是在macOS上安装上述构建依赖的一个典型例子(基于homebrew): +* 高度可定制的模块化编译 +* 轻量级密码学算法 + * ASCON AEAD + * ASCON HASH +* 轻量级安全通信协议 + * OSCORE + * EDHOC\* +* 基于可预测逻辑的动态二进制加载能力\* +* 传统密码学算法 + * 商用密码算法:SM2\*,SM3,SM4 + * 国际密码学算法\*:AES,SHA系列,RSA,ECDSA,EdDSA +* 传统安全通信协议 + * TLS协议\* + * TLCP协议\* -~~~ -brew install cmake -brew install python -sudo pip3 install -r test/requirements.txt -~~~ +注:\*号表示待开发 ## 构建 -构建使用cmake,下载源代码后进入源代码根目录执行: +构建依赖cmake,make和C编译器(gcc或者clang),基于源代码构建迷你锁如下: ```bash +# 下载源代码 +git clone https://github.com/Tongsuo-Project/tongsuo-mini +cd tongsuo-mini + mkdir build cd build -cmake .. -make -make test + +# 编译所有模块使用-DWITH_ALL=ON, 编译指定模块-DWITH_=ON,例如-DWITH_ASCON=ON +# 查看所有可用的编译选项, cmake -LH .. +cmake -DWITH_ALL=ON .. +make -j + +# 安装 +make install ``` -## 特性 +## 测试 -迷你锁(tongsuo-mini)提供如下特性: +测试使用Python3,在test目录下创建虚拟环境并安装依赖: -* 高度可定制的模块化编译 -* 轻量级密码学算法 - * ASCON AEAD - * ASCON HASH -* 轻量级安全通信协议 - * OSCORE - * EDHOC -* 基于可预测逻辑的动态二进制加载能力 -* 传统密码学算法 - * 商用密码算法:SM2,SM3,SM4 - * 国际密码学算法:AES,SHA系列,RSA,ECDSA,EdDSA -* 传统安全通信协议 - * TLS协议 - * TLCP协议 \ No newline at end of file +```bash +cd test +python3 -m venv .venv +source .venv/bin/activate +pip3 install -r test/requirements.txt +``` + +然后在build目录下执行: +```bash +ctest +``` +或者在test目录下执行: +```bash +pytest . +``` diff --git a/README.md b/README.md index 3ee1c2b..7c9ad6c 100644 --- a/README.md +++ b/README.md 
@@ -8,49 +8,68 @@ Tongsuo-mini can be used in constrained environment while requiring small memory Tongsuo-mini is a member project of the Tongsuo open source community. -## Build Dependency - -Tongsuo-mini's build system depends on 'cmake' and it utilizes toolchain provided by Python for automated testing. +## Feature -* cmake -* python - * pytest +Tongsuo-mini has the following features: -The installation of the dependency is very different in various operating systems. This is a typical example on macOS as follows (based on homebrew): +* Highly configurable modular build system +* Lightweight cryptographic algorithm + * ASCON AEAD + * ASCON HASH +* Lightweight secure network protocol + * OSCORE + * EDHOC\* +* Dynamic binary loading based on predication logic\* +* Oridnary cryptography algorithm + * Chinese Shangmi: SM2\*,SM3,SM4 + * others\*: AES, SHA, RSA, ECDSA, EdDSA +* Ordinary secure network protocol + * TLS\* + * TLCP\* -~~~ -brew install cmake -brew install python -sudo pip3 install -r test/requirements.txt -~~~ +Note: \* means the feature is under development ## Build -Use the 'cmake' to build Tongsuo-mini. Run the following steps after Tongsuo-mini has been cloned into a local directory (inside that dir): +The build depends on cmake, make and C compiler (gcc or clang). +Build tongsuo-mini from the source code as follows: ```bash +# Download source code +git clone https://github.com/Tongsuo-Project/tongsuo-mini +cd tongsuo-mini + mkdir build cd build -cmake .. -make -make test + +# Compile all modules with -DWITH_ALL=ON, compile specific module with -DWITH_=ON, e.g. -DWITH_ASCON=ON +# View all available compilation options, cmake -LH .. +cmake -DWITH_ALL=ON .. 
+make -j + +# If you need to install +make install ``` -## Feature +## Test -Tongsuo-mini has the following features: +To test with Python3, create a virtual environment in the test directory and install the dependencies: -* Highly configurable modular build system -* Lightweight cryptographic algorithm - * ASCON AEAD - * ASCON HASH -* Lightweight secure network protocol - * OSCORE - * EDHOC -* Dynamic binary loading based on predication logic -* Oridnary cryptography algorithm - * Chinese Shangmi: SM2,SM3,SM4 - * others: AES, SHA, RSA, ECDSA, EdDSA -* Ordinary secure network protocol - * TLS/DTLS - * TLCP +```bash +cd test +python3 -m venv .venv +source .venv/bin/activate +pip3 install -r test/requirements.txt +``` + +Then run the command in the build directory: + +```bash +ctest +``` + +Or run the command in the test directory: + +```bash +pytest . +``` diff --git a/app/minisuo.c b/app/minisuo.c index 2d377c2..158a2b6 100644 --- a/app/minisuo.c +++ b/app/minisuo.c @@ -379,7 +379,7 @@ static int ascon_aead_handler(int argc, char **argv) } if (ad != NULL && strlen(ad) > 0) { - if (tsm_ascon_aead_update(ctx, (unsigned char*)ad, strlen(ad), NULL, NULL) != TSM_OK) { + if (tsm_ascon_aead_update(ctx, (unsigned char *)ad, strlen(ad), NULL, NULL) != TSM_OK) { goto end; } } @@ -498,10 +498,9 @@ static cmd_handler cmds[] = { {"ascon-aead", ascon_aead_handler}, {"ascon-hash", ascon_hash_handler}, #endif - {"\0", NULL} -}; + {"\0", NULL}}; -#define N_CMD (int)(sizeof(cmds)/sizeof(cmds[0])) +#define N_CMD (int)(sizeof(cmds) / sizeof(cmds[0])) void print_help(void) { diff --git a/doc/build.md b/doc/build.md index aae2721..b704023 100644 --- a/doc/build.md +++ b/doc/build.md 
@@ -1,27 +1,43 @@ -## Build Dependency +## Build -Tongsuo-mini's build system depends on 'cmake' and it utilizes toolchain provided by Python for automated testing. +The build depends on cmake, make and C compiler (gcc or clang). +Build tongsuo-mini from the source code as follows: -* cmake -* python - * pytest +```bash +# Download source code +git clone https://github.com/Tongsuo-Project/tongsuo-mini +cd tongsuo-mini -The installation of the dependency is very different in various operating systems. This is a typical example on macOS as follows (based on homebrew): +mkdir build +cd build -~~~ -brew install cmake -brew install python -sudo pip3 install -r test/requirements.txt -~~~ +# Compile all modules with -DWITH_ALL=ON, compile specific module with -DWITH_=ON, e.g. -DWITH_ASCON=ON +cmake -DWITH_ALL=ON .. +make -j -## Build +# If you need to install +make install +``` + +## Test -Use the 'cmake' to build Tongsuo-mini. Run the following steps after Tongsuo-mini has been cloned into a local directory (inside that dir): +To test with Python3, create a virtual environment in the test directory and install the dependencies: ```bash -mkdir build -cd build -cmake .. -make -make test -``` \ No newline at end of file +cd test +python3 -m venv .venv +source .venv/bin/activate +pip3 install -r test/requirements.txt +``` + +Then run the command in the build directory: + +```bash +ctest +``` + +Or run the command in the test directory: + +```bash +pytest . +``` diff --git a/include/internal/meth.h b/include/internal/meth.h index 3abac29..a1d10a8 100644 --- a/include/internal/meth.h +++ b/include/internal/meth.h @@ -11,6 +11,7 @@ # define TSM_INTERNAL_METH_H # pragma once +# include # include typedef struct { diff --git a/include/internal/sm4.h b/include/internal/sm4.h index a49d6f9..b003736 100644 --- a/include/internal/sm4.h +++ b/include/internal/sm4.h 
@@ -24,7 +24,7 @@ typedef struct tsm_sm4_ctx_s { unsigned char block_size; unsigned char iv_len; unsigned char iv[TSM_MAX_IV_LENGTH]; - int buf_len; /* number we have left */ + int buf_len; /* number we have left */ unsigned char buf[TSM_MAX_BLOCK_LENGTH]; /* saved partial block */ int final_used; unsigned char final[TSM_MAX_BLOCK_LENGTH]; /* possible final block */ diff --git a/include/tongsuo/ascon.h b/include/tongsuo/ascon.h index f93c759..4e4e45c 100644 --- a/include/tongsuo/ascon.h +++ b/include/tongsuo/ascon.h @@ -17,15 +17,15 @@ extern "C" { # include -# define TSM_ASCON_AEAD_128 0x1 -# define TSM_ASCON_AEAD_128A 0x2 +# define TSM_ASCON_AEAD_128 0x1 +# define TSM_ASCON_AEAD_128A 0x2 -# define TSM_ASCON_AEAD_TAG_LEN 16 -# define TSM_ASCON_AEAD_KEY_LEN 16 -# define TSM_ASCON_AEAD_IV_LEN 16 +# define TSM_ASCON_AEAD_TAG_LEN 16 +# define TSM_ASCON_AEAD_KEY_LEN 16 +# define TSM_ASCON_AEAD_IV_LEN 16 -# define TSM_ASCON_HASH_LEN 32 -# define TSM_ASCON_HMAC_LEN TSM_ASCON_HASH_LEN +# define TSM_ASCON_HASH_LEN 32 +# define TSM_ASCON_HMAC_LEN TSM_ASCON_HASH_LEN /* Create a new context of ascon aead, should be freed by tsm_ascon_aead_ctx_free() after use. */ void *tsm_ascon_aead_ctx_new(void); diff --git a/include/tongsuo/mem.h b/include/tongsuo/mem.h index c644a79..05e15aa 100644 --- a/include/tongsuo/mem.h +++ b/include/tongsuo/mem.h @@ -16,6 +16,7 @@ extern "C" { # endif # include +# include # pragma pack(1) typedef struct tsm_str_s { diff --git a/include/tongsuo/minisuo.h b/include/tongsuo/minisuo.h index c4f94d1..958bb9f 100644 --- a/include/tongsuo/minisuo.h +++ b/include/tongsuo/minisuo.h @@ -17,11 +17,11 @@ extern "C" { # include -# define TONGSUO_IS_MINI 1 +# define TONGSUO_IS_MINI 1 -# define TSM_VERSION_MAJOR 0 -# define TSM_VERSION_MINOR 9 -# define TSM_VERSION_PATCH 0 +# define TSM_VERSION_MAJOR 0 +# define TSM_VERSION_MINOR 9 +# define TSM_VERSION_PATCH 0 /* 0x00, dev * 0x1~0xfe, pre1~pre254 * 0xff, release */ 
diff --git a/include/tongsuo/oscore_cose.h b/include/tongsuo/oscore_cose.h index 24c02e1..62cbec5 100644 --- a/include/tongsuo/oscore_cose.h +++ b/include/tongsuo/oscore_cose.h @@ -18,11 +18,11 @@ extern "C" { # include # include -# define AES_CCM_TAG 16 +# define AES_CCM_TAG 16 -# define COSE_ALGORITHM_ED25519_SIG_LEN 64 -# define COSE_ALGORITHM_ED25519_PRIV_KEY_LEN 32 -# define COSE_ALGORITHM_ED25519_PUB_KEY_LEN 32 +# define COSE_ALGORITHM_ED25519_SIG_LEN 64 +# define COSE_ALGORITHM_ED25519_PRIV_KEY_LEN 32 +# define COSE_ALGORITHM_ED25519_PUB_KEY_LEN 32 # define COSE_ALGORITHM_ASCON_AEAD_16_128_128_KEY_LEN 16 # define COSE_ALGORITHM_ASCON_AEAD_16_128_128_NONCE_LEN 16 @@ -93,7 +93,7 @@ typedef enum { COSE_ALGORITHM_HKDF_SHA_512 = -11, COSE_ALGORITHM_HKDF_SHA_256 = -10, COSE_ALGORITHM_EDDSA = -8, - COSE_ALGORITHM_ES256 = -7, /* with ECC known as secp256r1 */ + COSE_ALGORITHM_ES256 = -7, /* with ECC known as secp256r1 */ COSE_ALGORITHM_HMAC256_64 = 4, /* truncated to 64 bits */ COSE_ALGORITHM_HMAC256_256 = 5, COSE_ALGORITHM_HMAC384_384 = 6, diff --git a/include/tongsuo/sm3.h b/include/tongsuo/sm3.h index 89c8d0e..51680f8 100644 --- a/include/tongsuo/sm3.h +++ b/include/tongsuo/sm3.h @@ -17,7 +17,7 @@ extern "C" { # include -# define TSM_SM3_DIGEST_LEN 32 +# define TSM_SM3_DIGEST_LEN 32 /* Create a new context of sm3. The context should be freed by calling tsm_sm3_ctx_free() after use. */ diff --git a/perf/perf.c b/perf/perf.c index eec80de..5455246 100644 --- a/perf/perf.c +++ b/perf/perf.c 
@@ -77,10 +77,10 @@ int main(void) unsigned char sm3_md[TSM_SM3_DIGEST_LEN]; unsigned char ascon_md[TSM_ASCON_HASH_LEN]; size_t mdlen = 0; - unsigned char key[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, - 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 }; - unsigned char iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; + unsigned char key[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, + 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}; + unsigned char iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; unsigned char ad[] = "performance test program"; memset(&result, 0, sizeof(result)); diff --git a/src/ascon.c b/src/ascon.c index 3c1bfb7..878af55 100644 --- a/src/ascon.c +++ b/src/ascon.c @@ -16,22 +16,22 @@ #include "internal/log.h" #include "internal/meth.h" -#define CRYPTO_VERSION "1.2.7" -#define CRYPTO_KEYBYTES 16 -#define CRYPTO_NSECBYTES 0 -#define CRYPTO_NPUBBYTES 16 -#define CRYPTO_ABYTES 16 -#define CRYPTO_NOOVERLAP 1 -#define ASCON_AEAD_RATE 8 +#define CRYPTO_VERSION "1.2.7" +#define CRYPTO_KEYBYTES 16 +#define CRYPTO_NSECBYTES 0 +#define CRYPTO_NPUBBYTES 16 +#define CRYPTO_ABYTES 16 +#define CRYPTO_NOOVERLAP 1 +#define ASCON_AEAD_RATE 8 #define ASCON_128_KEYBYTES TSM_ASCON_AEAD_KEY_LEN #define ASCON_128A_KEYBYTES TSM_ASCON_AEAD_KEY_LEN -#define ASCON_128_RATE 8 -#define ASCON_128A_RATE 16 -#define ASCON_128_PA_ROUNDS 12 -#define ASCON_128_PB_ROUNDS 6 -#define ASCON_128A_PA_ROUNDS 12 -#define ASCON_128A_PB_ROUNDS 8 +#define ASCON_128_RATE 8 +#define ASCON_128A_RATE 16 +#define ASCON_128_PA_ROUNDS 12 +#define ASCON_128_PB_ROUNDS 6 +#define ASCON_128A_PA_ROUNDS 12 +#define ASCON_128A_PB_ROUNDS 8 #define ASCON_HASH_RATE 8 #define ASCON_HASH_PA_ROUNDS 12 
@@ -40,22 +40,22 @@ #define ASCON_HASHA_PB_ROUNDS 8 #define ASCON_128_IV \ - (((uint64_t)(ASCON_128_KEYBYTES * 8) << 56) | ((uint64_t)(ASCON_128_RATE * 8) << 48) \ - | ((uint64_t)(ASCON_128_PA_ROUNDS) << 40) | ((uint64_t)(ASCON_128_PB_ROUNDS) << 32)) + (((uint64_t)(ASCON_128_KEYBYTES * 8) << 56) | ((uint64_t)(ASCON_128_RATE * 8) << 48) \ + | ((uint64_t)(ASCON_128_PA_ROUNDS) << 40) | ((uint64_t)(ASCON_128_PB_ROUNDS) << 32)) #define ASCON_128A_IV \ - (((uint64_t)(ASCON_128A_KEYBYTES * 8) << 56) | ((uint64_t)(ASCON_128A_RATE * 8) << 48) \ - | ((uint64_t)(ASCON_128A_PA_ROUNDS) << 40) | ((uint64_t)(ASCON_128A_PB_ROUNDS) << 32)) + (((uint64_t)(ASCON_128A_KEYBYTES * 8) << 56) | ((uint64_t)(ASCON_128A_RATE * 8) << 48) \ + | ((uint64_t)(ASCON_128A_PA_ROUNDS) << 40) | ((uint64_t)(ASCON_128A_PB_ROUNDS) << 32)) #define ASCON_HASH_IV \ - (((uint64_t)(ASCON_HASH_RATE * 8) << 48) | ((uint64_t)(ASCON_HASH_PA_ROUNDS) << 40) \ - | ((uint64_t)(ASCON_HASH_PA_ROUNDS - ASCON_HASH_PB_ROUNDS) << 32) \ - | ((uint64_t)(TSM_ASCON_HASH_LEN * 8) << 0)) + (((uint64_t)(ASCON_HASH_RATE * 8) << 48) | ((uint64_t)(ASCON_HASH_PA_ROUNDS) << 40) \ + | ((uint64_t)(ASCON_HASH_PA_ROUNDS - ASCON_HASH_PB_ROUNDS) << 32) \ + | ((uint64_t)(TSM_ASCON_HASH_LEN * 8) << 0)) #define ASCON_HASHA_IV \ - (((uint64_t)(ASCON_HASH_RATE * 8) << 48) | ((uint64_t)(ASCON_HASHA_PA_ROUNDS) << 40) \ - | ((uint64_t)(ASCON_HASHA_PA_ROUNDS - ASCON_HASHA_PB_ROUNDS) << 32) \ - | ((uint64_t)(TSM_ASCON_HASH_LEN * 8) << 0)) + (((uint64_t)(ASCON_HASH_RATE * 8) << 48) | ((uint64_t)(ASCON_HASHA_PA_ROUNDS) << 40) \ + | ((uint64_t)(ASCON_HASHA_PA_ROUNDS - ASCON_HASHA_PB_ROUNDS) << 32) \ + | ((uint64_t)(TSM_ASCON_HASH_LEN * 8) << 0)) /* get byte from 64-bit Ascon word */ #define GETBYTE(x, i) ((uint8_t)((uint64_t)(x) >> (56 - 8 * (i)))) 
@@ -73,7 +73,7 @@ static void printstate(const char *label, ascon_state_t *s) s->x[2], s->x[3], s->x[4]); } #else -#define printstate(...) +# define printstate(...) #endif /* load bytes into 64-bit Ascon word */ diff --git a/src/hmac.c b/src/hmac.c index 2cfaec8..938a63d 100644 --- a/src/hmac.c +++ b/src/hmac.c @@ -14,8 +14,8 @@ #include #include -#define HMAC_IPAD 0x36 -#define HMAC_OPAD 0x5C +#define HMAC_IPAD 0x36 +#define HMAC_OPAD 0x5C /* The current largest case is for SHA3-224 */ #define HMAC_MAX_MD_CBLOCK_SIZE 144 diff --git a/src/meth.c b/src/meth.c index b1fe762..ae2ec74 100644 --- a/src/meth.c +++ b/src/meth.c @@ -59,6 +59,7 @@ static TSM_HASH_METH tsm_sm3_meth = { void *tsm_get_hash_meth(int alg) { + (void)alg; #ifdef TSM_HAVE_SM3 if (alg == TSM_HASH_SM3) return &tsm_sm3_meth; diff --git a/src/oscore.c b/src/oscore.c index b170dec..bf95f3e 100644 --- a/src/oscore.c +++ b/src/oscore.c @@ -173,7 +173,7 @@ int tsm_oscore_decode_option_value(const uint8_t *opt_value, } if ((opt_value[0] & 0x08) != 0) { - if (option_len - offset < 0) { + if (offset > option_len) { return TSM_FAILED; } diff --git a/src/oscore_cbor.c b/src/oscore_cbor.c index 0c43eb8..484c3d5 100644 --- a/src/oscore_cbor.c +++ b/src/oscore_cbor.c @@ -307,8 +307,8 @@ static size_t oscore_cbor_skip_value(const uint8_t **data, size_t *buf_len) { uint8_t elem = tsm_oscore_cbor_get_next_element(data, buf_len); uint8_t control = get_byte(data, buf_len) & 0x1f; - size_t nb = 0; /* number of elements in array or map */ - size_t num = 0; /* number of bytes of length or number */ + size_t nb = 0; /* number of elements in array or map */ + size_t num = 0; /* number of bytes of length or number */ size_t size = 0; /* size of value to be skipped */ if (control < 0x18) { num = 1; diff --git a/src/oscore_context.c b/src/oscore_context.c index dd66349..844e0ae 100644 --- a/src/oscore_context.c +++ b/src/oscore_context.c 
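Review bot: In `tsm_oscore_decode_option_value`, the rewritten guard `if (offset > option_len)` still lets `offset == option_len` through. The statement that follows is outside this hunk; if it reads `opt_value[offset]` (for example a kid-context length byte), that read is one byte past the end of the option, and the guard should be `if (offset >= option_len) {`. The old form `option_len - offset < 0` could presumably never be true if both operands are unsigned, so this is the first effective length check on this path for network-supplied data, and it is worth getting the boundary exact. A unit test with the `0x08` bit set and no bytes after the fixed part would pin the behaviour.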
@@ -128,9 +128,9 @@ oscore_recipient_ctx_t *tsm_oscore_find_recipient(const oscore_ctx_t *osc_ctx, static void oscore_convert_to_hex(const uint8_t *src, size_t src_len, char *dest, size_t dst_len) { /* - * Last output character will be '\000' - * (If output undersized, add trailing ... to indicate this. - */ + * Last output character will be '\000' + * (If output undersized, add trailing ... to indicate this. + */ size_t space = (dst_len - 4) / 3; uint32_t qq; @@ -331,11 +331,11 @@ oscore_ctx_t *tsm_oscore_ctx_dup(oscore_ctx_t *o_osc_ctx, } /* - * Need to set the last Sender Seq Num based on ssn_freq - * The value should only change if there is a change to ssn_freq - * and (potentially) be lower than seq, then save_seq_num_func() is - * immediately called on next SSN update. - */ + * Need to set the last Sender Seq Num based on ssn_freq + * The value should only change if there is a change to ssn_freq + * and (potentially) be lower than seq, then save_seq_num_func() is + * immediately called on next SSN update. + */ sender_ctx->next_seq = 0; sender_ctx->seq = 0; @@ -409,11 +409,11 @@ oscore_ctx_t *tsm_oscore_ctx_new(TSM_OSCORE_CONF *oscore_conf) } /* - * Need to set the last Sender Seq Num based on ssn_freq - * The value should only change if there is a change to ssn_freq - * and (potentially) be lower than seq, then save_seq_num_func() is - * immediately called on next SSN update. - */ + * Need to set the last Sender Seq Num based on ssn_freq + * The value should only change if there is a change to ssn_freq + * and (potentially) be lower than seq, then save_seq_num_func() is + * immediately called on next SSN update. + */ sender_ctx->next_seq = oscore_conf->start_seq_num - (oscore_conf->start_seq_num % (oscore_conf->ssn_freq > 0 ? oscore_conf->ssn_freq : 1)); diff --git a/src/sm3.c b/src/sm3.c index 43a44b3..2fe2ca9 100644 --- a/src/sm3.c +++ b/src/sm3.c 
@@ -24,48 +24,47 @@ #define SM3_G 0xe38dee4dUL #define SM3_H 0xb0fb0e4eUL -#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++))) ) ) -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff), \ - l) - -#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) - -#define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17)) -#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23)) - -#define FF0(X,Y,Z) (X ^ Y ^ Z) -#define GG0(X,Y,Z) (X ^ Y ^ Z) - -#define FF1(X,Y,Z) ((X & Y) | ((X | Y) & Z)) -#define GG1(X,Y,Z) ((Z ^ (X & (Y ^ Z)))) - -#define EXPAND(W0,W7,W13,W3,W10) \ - (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10) - -#define RND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF, GG) \ - do { \ - const unsigned int A12 = ROTATE(A, 12); \ - const unsigned int A12_SM = A12 + E + TJ; \ - const unsigned int SS1 = ROTATE(A12_SM, 7); \ - const unsigned int TT1 = FF(A, B, C) + D + (SS1 ^ A12) + (Wj); \ - const unsigned int TT2 = GG(E, F, G) + H + SS1 + Wi; \ - B = ROTATE(B, 9); \ - D = TT1; \ - F = ROTATE(F, 19); \ - H = P0(TT2); \ - } while(0) - -#define R1(A,B,C,D,E,F,G,H,TJ,Wi,Wj) \ - RND(A,B,C,D,E,F,G,H,TJ,Wi,Wj,FF0,GG0) - -#define R2(A,B,C,D,E,F,G,H,TJ,Wi,Wj) \ - RND(A,B,C,D,E,F,G,H,TJ,Wi,Wj,FF1,GG1) +#define HOST_c2l(c, l) \ + (l = (((unsigned long)(*((c)++))) << 24), \ + l |= (((unsigned long)(*((c)++))) << 16), \ + l |= (((unsigned long)(*((c)++))) << 8), \ + l |= (((unsigned long)(*((c)++))))) +#define HOST_l2c(l, c) \ + (*((c)++) = (unsigned char)(((l) >> 24) & 0xff), \ + *((c)++) = (unsigned char)(((l) >> 16) & 0xff), \ + *((c)++) = (unsigned char)(((l) >> 8) & 0xff), \ + *((c)++) = (unsigned char)(((l)) & 0xff), \ + l) + +#define ROTATE(a, n) (((a) << (n)) | (((a) & 0xffffffff) >> (32 - (n)))) + +#define P0(X) (X 
^ ROTATE(X, 9) ^ ROTATE(X, 17)) +#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23)) + +#define FF0(X, Y, Z) (X ^ Y ^ Z) +#define GG0(X, Y, Z) (X ^ Y ^ Z) + +#define FF1(X, Y, Z) ((X & Y) | ((X | Y) & Z)) +#define GG1(X, Y, Z) ((Z ^ (X & (Y ^ Z)))) + +#define EXPAND(W0, W7, W13, W3, W10) (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10) + +#define RND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF, GG) \ + do { \ + const unsigned int A12 = ROTATE(A, 12); \ + const unsigned int A12_SM = A12 + E + TJ; \ + const unsigned int SS1 = ROTATE(A12_SM, 7); \ + const unsigned int TT1 = FF(A, B, C) + D + (SS1 ^ A12) + (Wj); \ + const unsigned int TT2 = GG(E, F, G) + H + SS1 + Wi; \ + B = ROTATE(B, 9); \ + D = TT1; \ + F = ROTATE(F, 19); \ + H = P0(TT2); \ + } while (0) + +#define R1(A, B, C, D, E, F, G, H, TJ, Wi, Wj) RND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF0, GG0) + +#define R2(A, B, C, D, E, F, G, H, TJ, Wi, Wj) RND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF1, GG1) void *tsm_sm3_ctx_new(void) { @@ -115,11 +114,9 @@ void tsm_sm3_transform(void *c, const unsigned char *p, size_t num) const unsigned char *data = p; register unsigned int A, B, C, D, E, F, G, H; - unsigned int W00, W01, W02, W03, W04, W05, W06, W07, - W08, W09, W10, W11, W12, W13, W14, W15; + unsigned int W00, W01, W02, W03, W04, W05, W06, W07, W08, W09, W10, W11, W12, W13, W14, W15; for (; num--;) { - A = ctx->A; B = ctx->B; C = ctx->C; @@ -130,9 +127,9 @@ void tsm_sm3_transform(void *c, const unsigned char *p, size_t num) H = ctx->H; /* - * We have to load all message bytes immediately since SM3 reads - * them slightly out of order. - */ + * We have to load all message bytes immediately since SM3 reads + * them slightly out of order. + */ (void)HOST_c2l(data, W00); (void)HOST_c2l(data, W01); (void)HOST_c2l(data, W02); 
@@ -289,10 +286,10 @@ int tsm_sm3_update(void *ctx, const unsigned char *data, size_t len) return TSM_OK; l = (c->Nl + (((unsigned int)len) << 3)) & 0xffffffffUL; - if (l < c->Nl) /* overflow */ + if (l < c->Nl) /* overflow */ c->Nh++; c->Nh += (unsigned int)(len >> 29); /* might cause compiler warning on - * 16-bit */ + * 16-bit */ c->Nl = l; n = c->num; @@ -355,21 +352,21 @@ int tsm_sm3_final(void *ctx, unsigned char *md, size_t *mdlen) c->num = 0; tsm_memzero(p, TSM_SM3_CBLOCK); - ll=c->A; + ll = c->A; (void)HOST_l2c(ll, md); - ll=c->B; + ll = c->B; (void)HOST_l2c(ll, md); - ll=c->C; + ll = c->C; (void)HOST_l2c(ll, md); - ll=c->D; + ll = c->D; (void)HOST_l2c(ll, md); - ll=c->E; + ll = c->E; (void)HOST_l2c(ll, md); - ll=c->F; + ll = c->F; (void)HOST_l2c(ll, md); - ll=c->G; + ll = c->G; (void)HOST_l2c(ll, md); - ll=c->H; + ll = c->H; (void)HOST_l2c(ll, md); if (mdlen) diff --git a/src/sm4.c b/src/sm4.c index 005486d..dabffa4 100644 --- a/src/sm4.c +++ b/src/sm4.c @@ -258,12 +258,12 @@ static int sm4_set_key(const uint8_t *key, uint32_t rk[SM4_KEY_SCHEDULE]) } #define SM4_RNDS(k0, k1, k2, k3, F) \ - do { \ - B0 ^= F(B1 ^ B2 ^ B3 ^ rk[k0]); \ - B1 ^= F(B0 ^ B2 ^ B3 ^ rk[k1]); \ - B2 ^= F(B0 ^ B1 ^ B3 ^ rk[k2]); \ - B3 ^= F(B0 ^ B1 ^ B2 ^ rk[k3]); \ - } while (0) + do { \ + B0 ^= F(B1 ^ B2 ^ B3 ^ rk[k0]); \ + B1 ^= F(B0 ^ B2 ^ B3 ^ rk[k1]); \ + B2 ^= F(B0 ^ B1 ^ B3 ^ rk[k2]); \ + B3 ^= F(B0 ^ B1 ^ B2 ^ rk[k3]); \ + } while (0) static void sm4_encrypt(const uint8_t *in, uint8_t *out, uint32_t rk[SM4_KEY_SCHEDULE]) { @@ -448,7 +448,7 @@ static int tsm_sm4_crypt_update(TSM_SM4_CTX *ctx, const unsigned char *in, size_ * CCM mode needs to know about the case where inl == 0 && in == NULL - it * means the plaintext/ciphertext length is 0 */ - if (inl < 0 || (inl == 0 && ctx->mode != TSM_CIPH_MODE_CCM)) { + if (inl == 0 && ctx->mode != TSM_CIPH_MODE_CCM) { *outl = 0; return inl == 0 ? TSM_OK : TSM_FAILED; } 
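Review bot: In `tsm_sm4_crypt_update`, once `inl < 0` is removed the branch is entered only when `inl == 0`, so the `TSM_FAILED` arm of `return inl == 0 ? TSM_OK : TSM_FAILED;` on the next line is dead code; write `return TSM_OK;`. The same applies to `tsm_sm4_decrypt_update` in the hunk at `@@ -526,7 +526,7 @@`. The parameter appears to be unsigned (the signature is cut off in the hunk header), which is why the old test never fired. A caller that passes a negative `int` length now arrives as a very large value, and the hunk shows no upper bound to catch it. If any caller still computes lengths in signed arithmetic, add a comment such as `/* inl is size_t: callers must validate lengths before the call */` or an explicit maximum. Both function bodies continue outside the hunks.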
@@ -526,7 +526,7 @@ static int tsm_sm4_decrypt_update(TSM_SM4_CTX *ctx, const unsigned char *in, siz * CCM mode needs to know about the case where inl == 0 - it means the * plaintext/ciphertext length is 0 */ - if (inl < 0 || (inl == 0 && ctx->mode != TSM_CIPH_MODE_CCM)) { + if (inl == 0 && ctx->mode != TSM_CIPH_MODE_CCM) { *outl = 0; return inl == 0 ? TSM_OK : TSM_FAILED; } diff --git a/test/test.h b/test/test.h index 7b8c74e..216282d 100644 --- a/test/test.h +++ b/test/test.h @@ -41,15 +41,15 @@ # define TESTS(...) RUN_TESTS(__VA_ARGS__, __FILE__, __LINE__) # define RUN_TESTS(func, n, file, line) \ - for (int i = 0; i < n; i++) { \ - int ret = func(i); \ - if (ret) { \ - fprintf(stderr, "Failed\t%s(%d)\t%s:%d\n", #func, i, file, line); \ - return ret; \ - } else { \ - fprintf(stderr, "Passed\t%s(%d)\t%s:%d\n", #func, i, file, line); \ - } \ - } + for (int i = 0; i < n; i++) { \ + int ret = func(i); \ + if (ret) { \ + fprintf(stderr, "Failed\t%s(%d)\t%s:%d\n", #func, i, file, line); \ + return ret; \ + } else { \ + fprintf(stderr, "Passed\t%s(%d)\t%s:%d\n", #func, i, file, line); \ + } \ + } # define ASSERT(exp) TEST_ASSERT((exp), __FILE__, __LINE__) # define ASSERT_0(ret) TEST_ASSERT(((ret) == 0), __FILE__, __LINE__) diff --git a/test/test_hmac_ascon.py b/test/test_hmac_ascon.py index 8ba0b3a..a913eef 100644 --- a/test/test_hmac_ascon.py +++ b/test/test_hmac_ascon.py @@ -14,7 +14,7 @@ ("ascon-hmaca", "test_hmac_data/ascon_hmaca.txt"), ], ) -def test_ascon_hmac(algo, kat_file, subtests): +def test_hmac_ascon(algo, kat_file, subtests): with open(kat_file) as f: tb = {} @@ -31,7 +31,7 @@ def test_ascon_hmac(algo, kat_file, subtests): if "Count" in tb and "Msg" in tb and "Key" in tb and "Tag" in tb: with subtests.test(i=tb["Count"]): tf.ok( - "test_ascon_hmac -algo {} -key {} -msg {} -tag {}".format( + "test_hmac_ascon -algo {} -key {} -msg {} -tag {}".format( algo, tb["Key"], tb["Msg"], tb["Tag"] ) )