diff --git a/.ci/valgrind.sh b/.ci/valgrind.sh index 87ad88421..e813f367e 100755 --- a/.ci/valgrind.sh +++ b/.ci/valgrind.sh @@ -21,7 +21,10 @@ make clean &>/dev/null echo "Build for valgrind..." -make -j$MAKE_JOBS CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$5" test LTC_DEBUG=1 1>gcc_1.txt 2>gcc_2.txt +# set DWARFv4 as debug format for clang, since it creates DWARFv5 as default which isn't support in old valgrind +[ -z "$(echo $CC | grep "clang")" ] || GFLAG="-gdwarf-4" + +make -j$MAKE_JOBS CFLAGS="$2 $CFLAGS $4 $GFLAG" EXTRALIBS="$5" test LTC_DEBUG=1 1>gcc_1.txt 2>gcc_2.txt echo "Run tests with valgrind..." diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index fbd68ee54..804a01f39 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -32,7 +32,7 @@ jobs: strategy: matrix: cc: [ gcc, clang ] - os: [ ubuntu-18.04 ] + os: [ ubuntu-20.04, ubuntu-22.04 ] config: - { BUILDNAME: 'META_BUILDS', BUILDOPTIONS: '-DGMP_DESC', BUILDSCRIPT: '.ci/meta_builds.sh' } - { BUILDNAME: 'VALGRIND', BUILDOPTIONS: '', BUILDSCRIPT: '.ci/valgrind.sh' } @@ -56,10 +56,11 @@ jobs: - name: install dependencies run: | sudo apt-get update -qq - sudo apt-get install -y libtommath-dev libgmp-dev libtfm-dev valgrind libtool-bin clang-tools lcov + sudo apt-get install -y libgmp-dev valgrind libtool-bin clang-tools lcov ruby clang + sudo apt-get remove -y libtommath1 sudo gem install coveralls-lcov curl -s https://packagecloud.io/install/repositories/libtom/packages/script.deb.sh | sudo bash - sudo apt-get install libtfm1=0.13-5ubuntu1 + sudo apt-get install libtfm-git-dev libtommath-git-dev - name: run tests env: CC: "${{ matrix.cc }}" @@ -71,14 +72,16 @@ jobs: - name: regular logs if: ${{ !failure() }} run: | - cat gcc_1.txt - cat gcc_2.txt + cat gcc_1.txt || true + cat gcc_2.txt || true - name: error logs if: ${{ failure() }} run: | - cat test_std.txt - cat test_err.txt - cat tv.txt + cat gcc_1.txt || true + cat gcc_2.txt || true + cat test_std.txt || true + cat test_err.txt || true + cat tv.txt || true - name: pack build directory if: ${{ failure() }} run: | diff --git a/makefile_include.mk b/makefile_include.mk index 9564fac66..7ce66824f 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -55,10 +55,10 @@ endif ifndef EXTRALIBS ifneq ($(shell echo $(CFLAGS) | grep USE_LTM),) -EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config libtommath --libs) +EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs libtommath) else ifneq ($(shell echo $(CFLAGS) | grep USE_TFM),) -EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config tomsfastmath --libs) +EXTRALIBS=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --libs tomsfastmath) endif endif endif @@ -76,6 +76,12 @@ endef # by giving them as a parameter to make: # make CFLAGS="-I./src/headers/ -DLTC_SOURCE ..." ... # +ifneq ($(shell echo $(CFLAGS) | grep LTM_DESC),) +LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I libtommath) +endif +ifneq ($(shell echo $(CFLAGS) | grep TFM_DESC),) +LTC_CFLAGS+=$(shell PKG_CONFIG_PATH=$(LIBPATH)/pkgconfig pkg-config --cflags-only-I tomsfastmath) +endif LTC_CFLAGS += -I./src/headers/ -DLTC_SOURCE -Wall -Wsign-compare -Wshadow ifdef OLD_GCC diff --git a/src/encauth/ccm/ccm_test.c b/src/encauth/ccm/ccm_test.c index 04d97b19e..bd71da968 100644 --- a/src/encauth/ccm/ccm_test.c +++ b/src/encauth/ccm/ccm_test.c @@ -215,14 +215,14 @@ int ccm_test(void) XMEMCPY(tag3, tests[x].tag, tests[x].taglen); tag3[0] ^= 0xff; /* set the tag to the wrong value */ taglen = tests[x].taglen; - if ((err = ccm_memory(idx, - tests[x].key, 16, - NULL, - tests[x].nonce, tests[x].noncelen, - tests[x].header, tests[x].headerlen, - buf2, tests[x].ptlen, - buf, - tag3, &taglen, 1 )) != CRYPT_ERROR) { + if (ccm_memory(idx, + tests[x].key, 16, + NULL, + tests[x].nonce, tests[x].noncelen, + tests[x].header, tests[x].headerlen, + buf2, tests[x].ptlen, + buf, + tag3, &taglen, 1 ) != CRYPT_ERROR) { return CRYPT_FAIL_TESTVECTOR; } if (compare_testvector(buf2, tests[x].ptlen, zero, tests[x].ptlen, "CCM decrypt wrong tag", x)) { diff --git a/src/misc/pkcs5/pkcs_5_test.c b/src/misc/pkcs5/pkcs_5_test.c index 73bc4a1ad..f90c0eef1 100644 --- a/src/misc/pkcs5/pkcs_5_test.c +++ b/src/misc/pkcs5/pkcs_5_test.c @@ -169,6 +169,7 @@ int pkcs_5_test (void) (unsigned char*)cases_5_2[i].S, cases_5_2[i].S_len, cases_5_2[i].c, hash, DK, &dkLen)) != CRYPT_OK) { + LTC_UNUSED_PARAM(err); #ifdef LTC_TEST_DBG printf("\npkcs_5_alg2() #%d: Failed/1 (%s)\n", i, error_to_string(err)); #endif @@ -186,6 +187,7 @@ int pkcs_5_test (void) (unsigned char*)cases_5_1[i].S, cases_5_1[i].c, hash, DK, &dkLen)) != CRYPT_OK) { + LTC_UNUSED_PARAM(err); #ifdef LTC_TEST_DBG printf("\npkcs_5_alg1() #%d: Failed/1 (%s)\n", i, error_to_string(err)); #endif @@ -203,6 +205,7 @@ int pkcs_5_test (void) (unsigned char*)cases_5_1o[i].S, cases_5_1o[i].c, hash, DK, &dkLen)) != CRYPT_OK) { + LTC_UNUSED_PARAM(err); #ifdef LTC_TEST_DBG printf("\npkcs_5_alg1_openssl() #%d: Failed/1 (%s)\n", i, error_to_string(err)); #endif diff --git a/src/misc/ssh/ssh_encode_sequence_multi.c b/src/misc/ssh/ssh_encode_sequence_multi.c index d2be6897e..4bec5e12e 100644 --- a/src/misc/ssh/ssh_encode_sequence_multi.c +++ b/src/misc/ssh/ssh_encode_sequence_multi.c @@ -134,7 +134,7 @@ int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) STORE32H(size, out); out += 4; } - if ((err = mp_to_unsigned_bin(vdata, out)) != CRYPT_OK) { + if (mp_to_unsigned_bin(vdata, out) != CRYPT_OK) { err = CRYPT_ERROR; goto error; } diff --git a/src/pk/asn1/der/custom_type/der_encode_custom_type.c b/src/pk/asn1/der/custom_type/der_encode_custom_type.c index 2e21b4aaa..586fb316b 100644 --- a/src/pk/asn1/der/custom_type/der_encode_custom_type.c +++ b/src/pk/asn1/der/custom_type/der_encode_custom_type.c @@ -36,7 +36,7 @@ int der_encode_custom_type(const ltc_asn1_list *root, /* get size of output that will be required */ y = 0; z = 0; - if ((err = der_length_custom_type(root, &y, &z)) != CRYPT_OK) return CRYPT_INVALID_ARG; + if (der_length_custom_type(root, &y, &z) != CRYPT_OK) return CRYPT_INVALID_ARG; /* too big ? */ if (*outlen < y) { @@ -46,7 +46,7 @@ int der_encode_custom_type(const ltc_asn1_list *root, } /* get length of the identifier, so we know the offset where to start writing */ - if ((err = der_length_asn1_identifier(root, &id_len)) != CRYPT_OK) return CRYPT_INVALID_ARG; + if (der_length_asn1_identifier(root, &id_len) != CRYPT_OK) return CRYPT_INVALID_ARG; x = id_len; diff --git a/src/pk/asn1/der/sequence/der_encode_sequence_ex.c b/src/pk/asn1/der/sequence/der_encode_sequence_ex.c index d5c81bbd9..2ea33a6d4 100644 --- a/src/pk/asn1/der/sequence/der_encode_sequence_ex.c +++ b/src/pk/asn1/der/sequence/der_encode_sequence_ex.c @@ -33,7 +33,7 @@ int der_encode_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, /* get size of output that will be required */ y = 0; z = 0; - if ((err = der_length_sequence_ex(list, inlen, &y, &z)) != CRYPT_OK) return CRYPT_INVALID_ARG; + if (der_length_sequence_ex(list, inlen, &y, &z) != CRYPT_OK) return CRYPT_INVALID_ARG; /* too big ? */ if (*outlen < y) { diff --git a/src/pk/dsa/dsa_import.c b/src/pk/dsa/dsa_import.c index 995e0d225..b5660d398 100644 --- a/src/pk/dsa/dsa_import.c +++ b/src/pk/dsa/dsa_import.c @@ -72,14 +72,14 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) } } /* get key type */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_SHORT_INTEGER, 1UL, &zero, - LTC_ASN1_INTEGER, 1UL, key->p, - LTC_ASN1_INTEGER, 1UL, key->q, - LTC_ASN1_INTEGER, 1UL, key->g, - LTC_ASN1_INTEGER, 1UL, key->y, - LTC_ASN1_INTEGER, 1UL, key->x, - LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) { + if (der_decode_sequence_multi(in, inlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &zero, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_INTEGER, 1UL, key->y, + LTC_ASN1_INTEGER, 1UL, key->x, + LTC_ASN1_EOL, 0UL, NULL) == CRYPT_OK) { key->type = PK_PRIVATE; } else { /* public */ diff --git a/src/pk/ecc/ecc_import_pkcs8.c b/src/pk/ecc/ecc_import_pkcs8.c index a6fd7bfbb..81ac6ed6b 100644 --- a/src/pk/ecc/ecc_import_pkcs8.c +++ b/src/pk/ecc/ecc_import_pkcs8.c @@ -64,7 +64,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, if (err != CRYPT_OK) return err; - if ((err = pkcs8_decode_flexi(in, inlen, pwd, pwdlen, &l)) == CRYPT_OK) { + if (pkcs8_decode_flexi(in, inlen, pwd, pwdlen, &l) == CRYPT_OK) { /* Setup for basic structure */ n=0; @@ -73,7 +73,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OCTET_STRING, &priv_key); LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL); - if (((err = s_der_flexi_sequence_cmp(l, flexi_should)) == CRYPT_OK) && + if ((s_der_flexi_sequence_cmp(l, flexi_should) == CRYPT_OK) && (pk_oid_cmp_with_asn1(pka_ec_oid, seq->child) == CRYPT_OK)) { ltc_asn1_list *version, *field, *point, *point_g, *order, *p_cofactor; @@ -154,7 +154,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, /* load private key value 'k' */ len = priv_key->size; - if ((err = der_decode_sequence_flexi(priv_key->data, &len, &p)) == CRYPT_OK) { + if (der_decode_sequence_flexi(priv_key->data, &len, &p) == CRYPT_OK) { if (p->type == LTC_ASN1_SEQUENCE && LTC_ASN1_IS_TYPE(p->child, LTC_ASN1_INTEGER) && LTC_ASN1_IS_TYPE(p->child->next, LTC_ASN1_OCTET_STRING)) { diff --git a/src/pk/rsa/rsa_verify_hash.c b/src/pk/rsa/rsa_verify_hash.c index ca4cdf9c4..d946a2028 100644 --- a/src/pk/rsa/rsa_verify_hash.c +++ b/src/pk/rsa/rsa_verify_hash.c @@ -136,7 +136,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long sigle LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2); LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, tmpbuf, siglen); - if ((err = der_decode_sequence_strict(out, outlen, siginfo, 2)) != CRYPT_OK) { + if (der_decode_sequence_strict(out, outlen, siginfo, 2) != CRYPT_OK) { /* fallback to Legacy:missing NULL */ LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 1); if ((err = der_decode_sequence_strict(out, outlen, siginfo, 2)) != CRYPT_OK) { diff --git a/tests/der_test.c b/tests/der_test.c index 3b8354bd0..70683b81a 100644 --- a/tests/der_test.c +++ b/tests/der_test.c @@ -1272,19 +1272,18 @@ static void der_Xcode_run(const der_Xcode_t* x) { unsigned long l1, l2, sz; void *d1, *d2; - int err; l1 = 1; d1 = XMALLOC(l1 * x->type_sz); sz = (x->in_sz * x->factor)/x->type_sz; - if ((err = x->encode(x->in, sz, d1, &l1)) == CRYPT_BUFFER_OVERFLOW) { + if (x->encode(x->in, sz, d1, &l1) == CRYPT_BUFFER_OVERFLOW) { d1 = XREALLOC(d1, l1 * x->type_sz); } DO(x->encode(x->in, sz, d1, &l1)); l2 = 1; d2 = XMALLOC(l2 * x->type_sz); - while ((err = x->decode(d1, l1, d2, &l2)) == CRYPT_BUFFER_OVERFLOW) { + while (x->decode(d1, l1, d2, &l2) == CRYPT_BUFFER_OVERFLOW) { d2 = XREALLOC(d2, l2 * x->type_sz); } DO(x->decode(d1, l1, d2, &l2)); diff --git a/tests/pkcs_1_test.c b/tests/pkcs_1_test.c index 9bc9a2777..00d90bfed 100644 --- a/tests/pkcs_1_test.c +++ b/tests/pkcs_1_test.c @@ -14,7 +14,7 @@ int pkcs_1_test(void) { unsigned char buf[3][128]; int res1, res2, res3, prng_idx, hash_idx; - unsigned long x, y, l1, l2, l3, i1, i2, lparamlen, saltlen, modlen; + unsigned long x, y, l1, l2, l3, i1, lparamlen, saltlen, modlen; static const unsigned char lparam[] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16 }; /* get hash/prng */ @@ -75,7 +75,7 @@ int pkcs_1_test(void) DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res2)); buf[0][i1] ^= 1; - buf[1][i2 = abs(rand()) % (l1 - 1)] ^= 1; + buf[1][abs(rand()) % (l1 - 1)] ^= 1; pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res3); if (!(res1 == 1 && res2 == 0 && res3 == 0)) { fprintf(stderr, "PSS failed: %d, %d, %d, %lu, %lu\n", res1, res2, res3, l3, saltlen);