Merge branch 'Legrandin:master' into master

Legrandin · May 9, 2023 · d7f9a33 · d7f9a33
2 parents 81f354e + bef03fc
commit d7f9a33
Show file tree

Hide file tree

Showing 34 changed files with 602 additions and 322 deletions.
diff --git a/.github/workflows/gcc_m32_toolchain.txt b/.github/workflows/gcc_m32_toolchain.txt
@@ -0,0 +1,18 @@
+# Specify the CMake version
+set(CMAKE_SYSTEM_NAME Linux)
+set(CMAKE_SYSTEM_PROCESSOR i386)
+set(CMAKE_C_COMPILER gcc)
+
+# Specify the compiler flags
+set(CMAKE_C_FLAGS "-m32")
+set(CMAKE_CXX_FLAGS "-m32")
+
+# Specify the linker flags
+set(CMAKE_SHARED_LINKER_FLAGS "-m32")
+set(CMAKE_EXE_LINKER_FLAGS "-m32")
+
+# Specify the paths to search for libraries and includes
+set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)
+set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY)
+set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY)
+
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -13,13 +13,13 @@ jobs:
         include:
           - python-version: 2.7
             cffi: no
-            os: macos-10.15
+            os: macos-12
           - python-version: 2.7
             cffi: yes
-            os: macos-10.15
+            os: macos-12
           - python-version: "3.11"
             cffi: yes
-            os: macos-10.15
+            os: macos-12
           - python-version: 2.7
             cffi: no
             os: windows-latest
@@ -90,34 +90,48 @@ jobs:
       run: |
         mypy lib/
 
-  test_c:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
-    - name: Test
-      run: |
-        cd src/test
-        make
-
-  test_c_i386:
+  test_c_linux:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        sse: [0, 1]
+        arch: [x64, x32]
     steps:
     - uses: actions/checkout@v3
     - name: Install dependencies
       run: |
         sudo apt-get update
         sudo apt-get install libc6-dev-i386
-    - name: Test
+    - name: Test Linux x32 and x64
       run: |
         cd src/test
-        CFLAGS="-m32" UNDEFS="-UHAVE_UINT128" make
+        mkdir build
+        GCC_M32_TOOLCHAIN=${{ github.workspace }}/.github/workflows/gcc_m32_toolchain.txt
+        EXTRA=$([ ${{ matrix.arch }} = x32 ] && echo "-DCMAKE_TOOLCHAIN_FILE=$GCC_M32_TOOLCHAIN" || true)
+        cmake -B build -DSSE=${{ matrix.sse }} $EXTRA
+        make -C build all test
 
-  test_c_sse2:
-    runs-on: ubuntu-latest
+  test_c_windows:
+    runs-on: windows-latest
+    strategy:
+      matrix:
+        arch:
+          - x64
+          - win32
     steps:
     - uses: actions/checkout@v3
-    - name: Test
+    - name: Set up Python "3.11"
+      uses: actions/setup-python@v4
+      with:
+        python-version: "3.11"
+    - name: Install MSVC
+      uses: ilammy/msvc-dev-cmd@f456b805b3f63911738cb71d4f255e4e129c7e7a
+      with:
+        arch: ${{ matrix.arch }}
+    - name: Test Windows 32 and 64
       run: |
         cd src/test
-        CPPFLAGS="-DHAVE_X86INTRIN_H" make
-
+        mkdir build
+        cmake -B build -G "NMake Makefiles"
+        cd build
+        nmake all test
diff --git a/Doc/src/cipher/chacha20.rst b/Doc/src/cipher/chacha20.rst
@@ -67,7 +67,7 @@ you need to explicitly generate and pass a 96 bit (12 byte) ``nonce`` parameter
     Code* (such as :doc:`HMAC <../hash/hmac>`) to authenticate the ciphertext
     (*encrypt-then-mac*). Alternatively, you can use :doc:`ChaCha20_Poly1305 <chacha20_poly1305>`.
 
-.. _ChaCha20: http://http://cr.yp.to/chacha.html
+.. _ChaCha20: https://cr.yp.to/chacha.html
 .. _RFC7539: https://tools.ietf.org/html/rfc7539
 
 .. automodule:: Crypto.Cipher.ChaCha20

diff --git a/lib/Crypto/PublicKey/ECC.py b/lib/Crypto/PublicKey/ECC.py
@@ -101,7 +101,7 @@
 int ed25519_get_xy(uint8_t *xb, uint8_t *yb, size_t modsize, Point *p);
 int ed25519_double(Point *p);
 int ed25519_add(Point *P1, const Point *P2);
-int ed25519_scalar(Point *P, uint8_t *scalar, size_t scalar_len, uint64_t seed);
+int ed25519_scalar(Point *P, const uint8_t *scalar, size_t scalar_len, uint64_t seed);
 """)
 
 _ed448_lib = load_pycryptodome_raw_lib("Crypto.PublicKey._ed448", """

diff --git a/lib/Crypto/Util/asn1.py b/lib/Crypto/Util/asn1.py
@@ -530,6 +530,10 @@ def append(self, item):
                 self._seq.append(item)
                 return self
 
+        def insert(self, index, item):
+                self._seq.insert(index, item)
+                return self
+
         def hasInts(self, only_non_negative=True):
                 """Return the number of items in this sequence that are
                 integers.

diff --git a/src/bignum.c b/src/bignum.c
@@ -164,7 +164,7 @@ STATIC int mod_select(uint64_t *out, const uint64_t *a, const uint64_t *b, unsig
     pairs = (unsigned)words / 2;
     mask = (uint64_t)((cond != 0) - 1); /* 0 for a, 1s for b */
 
-#if SYSBITS == 64
+#if SYS_BITS == 64
     r0 = _mm_set1_epi64x(mask);
 #else
     r0 = _mm_loadl_epi64((__m128i*)&mask);

diff --git a/src/common.h b/src/common.h
@@ -75,10 +75,17 @@ typedef unsigned __int64 uint64_t;
 #define UINT32_MAX 0xFFFFFFFFUL
 #endif
 
+#ifndef UINT64_MAX
+#define UINT64_MAX 0xFFFFFFFFFFFFFFFFUL
+#endif
+
 #endif /* HAVE_STDINT_H */
 
 #ifdef _MSC_VER
 
+/** Fix for warning C4668 **/
+#define WIN32_LEAN_AND_MEAN
+
 #define inline _inline
 #define RESTRICT __restrict
 
@@ -109,15 +116,17 @@ typedef unsigned __int64 uint64_t;
 /*
  * On Windows, distutils expects that a CPython module always exports the symbol init${MODNAME}
  */
-#if defined(_MSC_VER) || defined(__MINGW32__)
-#include <Python.h>
-#if PY_MAJOR_VERSION >= 3
-#define FAKE_INIT(x) PyMODINIT_FUNC _PASTE2(PyInit__,x) (void) { return NULL; }
-#else
-#define FAKE_INIT(x) PyMODINIT_FUNC _PASTE2(init_,x) (void) { return; }
-#endif
+#if defined(NO_CPYTHON_MODULE)
+ #define FAKE_INIT(x)
+#elif defined(_MSC_VER) || defined(__MINGW32__)
+ #include <Python.h>
+ #if PY_MAJOR_VERSION >= 3
+  #define FAKE_INIT(x) PyMODINIT_FUNC _PASTE2(PyInit__,x) (void) { return NULL; }
+ #else
+  #define FAKE_INIT(x) PyMODINIT_FUNC _PASTE2(init_,x) (void) { return; }
+ #endif
 #else
-#define FAKE_INIT(x)
+ #define FAKE_INIT(x)
 #endif
 
 /*

diff --git a/src/ed25519.c b/src/ed25519.c
@@ -322,7 +322,7 @@ EXPORT_SYM int ed25519_add(Point *P1, const Point *P2)
     return 0;
 }
 
-EXPORT_SYM int ed25519_scalar(Point *P, uint8_t *scalar, size_t scalar_len, uint64_t seed)
+EXPORT_SYM int ed25519_scalar(Point *P, const uint8_t *scalar, size_t scalar_len, uint64_t seed)
 {
     if ((NULL == P) || (NULL == scalar))
         return ERR_NULL;

diff --git a/src/ed25519.h b/src/ed25519.h
@@ -18,6 +18,6 @@ EXPORT_SYM int ed25519_neg(Point *p);
 EXPORT_SYM int ed25519_get_xy(uint8_t *xb, uint8_t *yb, size_t modsize, Point *p);
 EXPORT_SYM int ed25519_double(Point *p);
 EXPORT_SYM int ed25519_add(Point *P1, const Point *P2);
-EXPORT_SYM int ed25519_scalar(Point *P, uint8_t *scalar, size_t scalar_len, uint64_t seed);
+EXPORT_SYM int ed25519_scalar(Point *P, const uint8_t *scalar, size_t scalar_len, uint64_t seed);
 
 #endif
diff --git a/src/ed448.c b/src/ed448.c
@@ -297,8 +297,20 @@ EXPORT_SYM int ed448_new_context(EcContext **pec_ctx)
     EcContext *ec_ctx = NULL;
     int res;
     MontContext *ctx;
-    const uint8_t mod448_be[56] = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
-    const uint8_t d448_be[56] = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x67\x56";
+    const uint8_t mod448_be[56] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+    const uint8_t d448_be[56] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+                                 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x67, 0x56};
 
     if (NULL == pec_ctx)
         return ERR_NULL;

diff --git a/src/mont.c b/src/mont.c
@@ -312,7 +312,7 @@ STATIC void mont_mult_p256(uint64_t *out, const uint64_t *a, const uint64_t *b,
         k = t[i];
 
         /* n[0] = 2⁶⁴ - 1 */
-        prod_lo = -k;
+        prod_lo = (uint64_t)(0 - k);
         prod_hi = k - (k!=0);
         t[i+0] += prod_lo;
         prod_hi += t[i+0] < prod_lo;
@@ -474,7 +474,7 @@ STATIC void mont_mult_p384(uint64_t *out, const uint64_t *a, const uint64_t *b,
         uint64_t prod_lo, prod_hi;
 
         k = t[i] + (t[i] << 32);
-        k2_lo = -k;
+        k2_lo = (uint64_t)(0 - k);
         k2_hi = k - (k!=0);
 
         /* n[0] = 2³² - 1 */
@@ -628,7 +628,7 @@ STATIC void mont_mult_ed448(uint64_t *out, const uint64_t *a, const uint64_t *b,
         uint64_t prod_lo, prod_hi;
 
         k = t[i];
-        k2_lo = -k;
+        k2_lo = (uint64_t)(0 - k);
         k2_hi = k - (k!=0);
 
         /* n[0] = 2⁶⁴ - 1 */
@@ -1047,7 +1047,7 @@ int mont_inv_prime(uint64_t *out, uint64_t *a, const MontContext *ctx)
 }
 
 /*
- * Assign a value to a number in Montgomer form.
+ * Assign a value to a number in Montgomery form.
  *
  * @param out   The location where the result is stored at; it must have been created with mont_number(&p,1,ctx).
  * @param x     The value to set.
@@ -1123,10 +1123,32 @@ static int cmp_modulus(const uint8_t *mod1, size_t mod1_len, const uint8_t *mod2
  */
 int mont_context_init(MontContext **out, const uint8_t *modulus, size_t mod_len)
 {
-    const uint8_t p256_mod[32] = "\xff\xff\xff\xff\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
-    const uint8_t p384_mod[48] = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff";
-    const uint8_t p521_mod[66] = "\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
-    const uint8_t ed448_mod[56] = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
+    const uint8_t p256_mod[32] = {0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01,
+                                  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+                                  0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+    const uint8_t p384_mod[48] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+                                  0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
+    const uint8_t p521_mod[66] = {0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                  0xFF, 0xFF};
+    const uint8_t ed448_mod[56] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+                                   0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
     uint64_t *scratchpad = NULL;
     MontContext *ctx;
     int res;

diff --git a/src/multiply_32.c b/src/multiply_32.c
@@ -132,7 +132,7 @@ void static inline addmul32(uint32_t* t, size_t offset, const uint32_t *a, uint3
  * t[] and a[] are little-endian.
  * Return the number of 64-bit words that we wrote into t[]
  */
-void inline addmul128(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, uint64_t b0, uint64_t b1, size_t t_nw, size_t a_nw)
+void addmul128(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, uint64_t b0, uint64_t b1, size_t t_nw, size_t a_nw)
 {
     uint32_t b0l, b0h, b1l, b1h;
     uint32_t *t32, *a32;
@@ -249,7 +249,7 @@ void static inline square_32(uint32_t *t, const uint32_t *a, size_t nw)
     assert(carry == 0);
 }
 
-void inline square(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, size_t nw)
+void square(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, size_t nw)
 {
     uint32_t *t32, *a32;
 #ifndef PYCRYPTO_LITTLE_ENDIAN

diff --git a/src/multiply_64.c b/src/multiply_64.c
@@ -59,7 +59,7 @@
 
 #endif
 
-void inline addmul128(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, uint64_t b0, uint64_t b1, size_t t_words, size_t a_nw)
+void addmul128(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, uint64_t b0, uint64_t b1, size_t t_words, size_t a_nw)
 {
     uint64_t sum_low, sum_mid, sum_hi;
     uint64_t pr_low, pr_high, aim1;
@@ -195,7 +195,7 @@ void inline addmul128(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, uint
 }
 
 
-void inline square(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, size_t nw)
+void square(uint64_t *t, uint64_t *scratchpad, const uint64_t *a, size_t nw)
 {
     size_t i, j;
     uint64_t carry;