Merge pull request #82 from apache/security_checks

Added security checks:

CMakeLists.txt

@@ -34,6 +34,7 @@ macro(set_if_unset var val)
   log(${var})
 endmacro()
 
+
 ##################################################
 # Includes
 ##################################################

include/utils.h

@@ -40,7 +40,7 @@
  * @param dst     Binary string
  * @param src_len length Hex encoded string
  */
-void amcl_hex2bin(const char *src, char *dst, int src_len);
+void amcl_hex2bin(const char *src, char *dst, size_t src_len);
 
 /**
  * @brief Encode binary string
@@ -50,8 +50,9 @@ void amcl_hex2bin(const char *src, char *dst, int src_len);
  * @param src     Binary string
  * @param dst     Hex encoded string
  * @param src_len length binary string
+ * @param dst_len length hex encoded string
  */
-void amcl_bin2hex(char *src, char *dst, int src_len);
+void amcl_bin2hex(char *src, char *dst, size_t src_len, size_t dst_len);
 
 /**
  * @brief Print encoded binary string in hex
@@ -61,7 +62,7 @@ void amcl_bin2hex(char *src, char *dst, int src_len);
  * @param src     Binary string
  * @param src_len length binary string
  */
-void amcl_print_hex(char *src, int src_len);
+void amcl_print_hex(char *src, size_t src_len);
 
 /**
  * @brief Generate a random Octet

src/oct.c

@@ -73,6 +73,7 @@ void OCT_jstring(octet *y,char *s)
 int OCT_comp(octet *x,octet *y)
 {
     int i;
+
     if (x->len>y->len) return 0;
     if (x->len<y->len) return 0;
     for (i=0; i<x->len; i++)
@@ -351,13 +352,18 @@ void OCT_rand(octet *x,csprng *RNG,int len)
 /* Convert an octet to a hex string */
 void OCT_toHex(octet *src,char *dst)
 {
+    const char * hexadecimals = "0123456789abcdef";
     int i;
     unsigned char ch;
     for (i=0; i<src->len; i++)
     {
         ch=src->val[i];
-        sprintf(&dst[i*2],"%02x", ch);
+        uint8_t res = ch / 16;
+        uint8_t mod = ch % 16;
+        dst[i*2] = hexadecimals[res];
+        dst[(i*2)+1] = hexadecimals[mod];
     }
+    dst[i*2] =0;
 }
 
 static int char2int(char input)

src/utils.c

@@ -30,15 +30,17 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <assert.h>
 #include "amcl.h"
 #include "utils.h"
 
-/* Decode hex value */
-void amcl_hex2bin(const char *src, char *dst, int src_len)
+/* Decode a byte to a 2 chars string */
+
+/** Decode hex value */
+void amcl_hex2bin(const char *src, char *dst, size_t src_len)
 {
-    int i;
     char v,c;
-    for (i = 0; i < src_len/2; i++)
+    for (size_t i = 0; i < src_len/2; i++)
     {
         c = src[2*i];
         if (c >= '0' && c <= '9')
@@ -80,20 +82,24 @@ void amcl_hex2bin(const char *src, char *dst, int src_len)
 }
 
 /* Encode binary string */
-void amcl_bin2hex(char *src, char *dst, int src_len)
+void amcl_bin2hex(char *src, char *dst, size_t src_len, size_t dst_len)
 {
-    int i;
-    for (i = 0; i < src_len; i++)
+    const char * hexadecimals = "0123456789abcdef";
+    unsigned char ch;
+    for (size_t i = 0; i < src_len && i< dst_len/2; i++)
     {
-        sprintf(&dst[i*2],"%02x", (unsigned char) src[i]);
+       ch=src[i];
+       uint8_t res = ch / 16;
+       uint8_t mod = ch % 16;
+       dst[i*2] = hexadecimals[res];
+       dst[(i*2)+1] = hexadecimals[mod];
     }
 }
 
 /* Print encoded binary string in hex */
-void amcl_print_hex(char *src, int src_len)
+void amcl_print_hex(char *src, size_t src_len)
 {
-    int i;
-    for (i = 0; i < src_len; i++)
+    for (size_t i = 0; i < src_len; i++)
     {
         printf("%02x", (unsigned char) src[i]);
     }
@@ -126,6 +132,7 @@ int generateOTP(csprng* RNG)
 void generateRandom(csprng *RNG,octet *randomValue)
 {
     int i;
-    for (i=0; i<randomValue->len; i++)
-        randomValue->val[i]=RAND_byte(RNG);
+    for (i=0; i<randomValue->len; i++) {
+        randomValue->val[i] = RAND_byte(RNG);
+    }
 }

test/test_aes_decrypt.c

@@ -153,9 +153,10 @@ int main(int argc, char** argv)
             l1 = strlen(linePtr)-1;
             IVLen = l1/2;
             IV = (char*) malloc (IVLen);
-            if (IV==NULL)
+            if (IV==NULL) {
+                fclose(fp);
                 exit(EXIT_FAILURE);
-
+            }
             // IV binary value
             amcl_hex2bin(linePtr, IV, l1);
         }
@@ -228,6 +229,7 @@ int main(int argc, char** argv)
             if (!rc)
             {
                 printf("TEST AES DECRYPT FAILED COMPARE PLAINTEXT LINE %d\n",lineNo);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
 

test/test_aes_encrypt.c

@@ -152,9 +152,10 @@ int main(int argc, char** argv)
             l1 = strlen(linePtr)-1;
             IVLen = l1/2;
             IV = (char*) malloc (IVLen);
-            if (IV==NULL)
+            if (IV==NULL) {
                 exit(EXIT_FAILURE);
-
+                fclose(fp);
+            }
             // IV binary value
             amcl_hex2bin(linePtr, IV, l1);
         }
@@ -171,8 +172,10 @@ int main(int argc, char** argv)
             l1 = strlen(linePtr)-1;
             PLAINTEXTLen = l1/2;
             PLAINTEXT = (char*) malloc(PLAINTEXTLen);
-            if (PLAINTEXT==NULL)
+            if (PLAINTEXT==NULL) {
+                fclose(fp);
                 exit(EXIT_FAILURE);
+            }
 
             // PLAINTEXT binary value
             amcl_hex2bin(linePtr, PLAINTEXT, l1);
@@ -189,8 +192,10 @@ int main(int argc, char** argv)
             // Allocate memory
             l1 = strlen(linePtr);
             CIPHERTEXT1 = (char*) malloc(PLAINTEXTLen+1);
-            if (CIPHERTEXT1==NULL)
+            if (CIPHERTEXT1==NULL) {
+                fclose(fp);
                 exit(EXIT_FAILURE);
+            }
 
             // Golden CIPHERTEXT value
             octet CIPHERTEXT1Oct= {PLAINTEXTLen,PLAINTEXTLen,CIPHERTEXT1};
@@ -227,6 +232,7 @@ int main(int argc, char** argv)
             if (!rc)
             {
                 printf("TEST AES ENCRYPT FAILED COMPARE CIPHERTEXT LINE %d\n",lineNo);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
 

test/test_big_arithmetics_XXX.c.in

@@ -134,6 +134,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIG1,BIG2) < 0)
             {
                 printf("ERROR comparing two BIGs, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -149,6 +150,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIGsum,supp) != 0)
             {
                 printf("ERROR adding two BIGs, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -164,6 +166,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIGsub,supp) != 0)
             {
                 printf("ERROR subtracting two BIGs, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -180,6 +183,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIG1mod2,supp) != 0)
             {
                 printf("ERROR reducing modulo BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -196,6 +200,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIG2mod1,supp) != 0)
             {
                 printf("ERROR reducing modulo BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -211,6 +216,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_dcomp(BIGmul,dsupp) != 0)
             {
                 printf("ERROR multiplication BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -226,6 +232,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_dcomp(BIG1sqr,dsupp) != 0)
             {
                 printf("ERROR squaring BIG 1, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -241,6 +248,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_dcomp(BIG2sqr,dsupp) != 0)
             {
                 printf("ERROR squaring BIG 2, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -257,6 +265,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIG1sqrmod2,supp) != 0)
             {
                 printf("ERROR reducing squaring modulo BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -274,6 +283,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIG1modneg2,supp) != 0)
             {
                 printf("ERROR negative reduced modulo BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -287,6 +297,7 @@ int main(int argc, char** argv)
             if (nbitBIG != bitlen)
             {
                 printf("ERROR counting bit BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -300,6 +311,7 @@ int main(int argc, char** argv)
             if (nbitDBIG != bitlen)
             {
                 printf("ERROR counting bit DBIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -317,6 +329,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIGdiv,supp) != 0)
             {
                 printf("ERROR division BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -335,6 +348,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_comp(BIGdivmod,supp) != 0)
             {
                 printf("ERROR division modulo BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }
@@ -350,6 +364,7 @@ int main(int argc, char** argv)
             if (BIG_XXX_dcomp(BIGpxmul,dsupp) != 0)
             {
                 printf("ERROR small multiplication BIG, line %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
         }

test/test_ecdh_ZZZ.c.in

@@ -150,8 +150,10 @@ int main(int argc, char** argv)
             l1 = strlen(linePtr)-1;
             l2 = l1/2;
             dIUT = (char*) malloc (l2);
-            if (dIUT==NULL)
+            if (dIUT==NULL) {
+                fclose(fp);
                 exit(EXIT_FAILURE);
+            }
 
             // dIUT binary value
             amcl_hex2bin(linePtr, dIUT, l1);
@@ -205,9 +207,10 @@ int main(int argc, char** argv)
             l1 = strlen(linePtr)-1;
             l2 = l1/2;
             ZIUT = (char*) malloc (l2);
-            if (ZIUT==NULL)
+            if (ZIUT==NULL) {
+                fclose(fp);
                 exit(EXIT_FAILURE);
-
+            }
             // ZIUT binary value
             amcl_hex2bin(linePtr, ZIUT, l1);
 
@@ -255,6 +258,7 @@ int main(int argc, char** argv)
                 OCT_output(&QIUTOct);
                 printf("\n");
 #endif
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
 
@@ -272,6 +276,7 @@ int main(int argc, char** argv)
                 OCT_output(&ZIUTOct);
                 printf("\n");
 #endif
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
             free(dIUT);

test/test_ecdsa_keypair_ZZZ.c.in

@@ -89,9 +89,10 @@ int main(int argc, char** argv)
             l1 = strlen(linePtr)-1;
             l2 = l1/2;
             d = (char*) malloc (l2);
-            if (d==NULL)
+            if (d==NULL) {
+                fclose(fp);
                 exit(EXIT_FAILURE);
-
+            }
             // d binary value
             amcl_hex2bin(linePtr, d, l1);
 
@@ -154,6 +155,7 @@ int main(int argc, char** argv)
             if (!rc)
             {
                 printf("TEST ECDSA KEYPAIR FAILED LINE %d\n",i);
+                fclose(fp);
                 exit(EXIT_FAILURE);
             }
             free(d);