aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2021-06-09 14:00:21 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-06-09 14:10:21 -0600
commitf7d64f9e625a0d6b1b2e976115fe69d82e1bb68a (patch)
treebd9419e4755005299c8a9ba87d0a9eaaf9e7f903
parent6061a647f58c5476f13b74979660bd8b3309f980 (diff)
downloadaports-f7d64f9e625a0d6b1b2e976115fe69d82e1bb68a.tar.gz
aports-f7d64f9e625a0d6b1b2e976115fe69d82e1bb68a.tar.bz2
aports-f7d64f9e625a0d6b1b2e976115fe69d82e1bb68a.tar.xz
main/botan: add mitigation for CVE-2021-24115
-rw-r--r--main/botan/APKBUILD12
-rw-r--r--main/botan/CVE-2021-24115.patch818
2 files changed, 827 insertions, 3 deletions
diff --git a/main/botan/APKBUILD b/main/botan/APKBUILD
index eef6f93104..d16157cac9 100644
--- a/main/botan/APKBUILD
+++ b/main/botan/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=botan
pkgver=2.11.0
-pkgrel=3
+pkgrel=4
pkgdesc="Crypto and TLS for C++11"
url="https://botan.randombit.net/"
arch="all"
@@ -10,10 +10,13 @@ license="BSD-2-Clause"
depends_dev="boost-dev bzip2-dev openssl-dev sqlite-dev xz-dev zlib-dev"
makedepends="$depends_dev python3"
subpackages="$pkgname-dev $pkgname-doc $pkgname-libs"
-source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz"
+source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz
+ CVE-2021-24115.patch"
builddir="$srcdir/Botan-$pkgver"
# secfixes:
+# 2.11.0-r4:
+# - CVE-2021-24115
# 2.9.0-r0:
# - CVE-2018-20187
# 2.7.0-r0:
@@ -51,4 +54,7 @@ package() {
rm -rf "$pkgdir"/usr/lib/python*
}
-sha512sums="a697a7f29788afc561cde35431e65e2f37e40fd45af89a6d060bf9988d28089905c6a1c005f9b23fb377547cd7a96a41f62c8d2f61a7f80d1ca1b9ccf857a2ce Botan-2.11.0.tar.xz"
+sha512sums="
+a697a7f29788afc561cde35431e65e2f37e40fd45af89a6d060bf9988d28089905c6a1c005f9b23fb377547cd7a96a41f62c8d2f61a7f80d1ca1b9ccf857a2ce Botan-2.11.0.tar.xz
+41fd0beab7aaf8965272129cdc6741e16061f754412c8c4bd9b4e56b29a3f375790aed6fc9bef11ad246ed46230ea4fcc7b3b5d6403c0f9d4cb6e9c9728c6764 CVE-2021-24115.patch
+"
diff --git a/main/botan/CVE-2021-24115.patch b/main/botan/CVE-2021-24115.patch
new file mode 100644
index 0000000000..8726df6b43
--- /dev/null
+++ b/main/botan/CVE-2021-24115.patch
@@ -0,0 +1,818 @@
+From 8f7846f60b2bee43990a27f4e725980742bbb48f Mon Sep 17 00:00:00 2001
+From: Jack Lloyd <jack@randombit.net>
+Date: Tue, 15 Dec 2020 06:59:08 -0500
+Subject: [PATCH] Backport of #2543 to release-2
+
+---
+ src/lib/codec/base32/base32.cpp | 167 ++++++++++++++++---------------
+ src/lib/codec/base58/base58.cpp | 129 +++++++++++++-----------
+ src/lib/codec/base64/base64.cpp | 172 ++++++++++++++++++--------------
+ src/lib/codec/hex/hex.cpp | 107 ++++++++++----------
+ src/lib/utils/ct_utils.h | 24 +++++
+ 5 files changed, 332 insertions(+), 267 deletions(-)
+
+diff --git a/src/lib/codec/base32/base32.cpp b/src/lib/codec/base32/base32.cpp
+index fc9883c86..224dae991 100644
+--- a/src/lib/codec/base32/base32.cpp
++++ b/src/lib/codec/base32/base32.cpp
+@@ -1,7 +1,7 @@
+ /*
+ * Base32 Encoding and Decoding
+ * (C) 2018 Erwan Chaussy
+-* (C) 2018 Jack Lloyd
++* (C) 2018,2020 Jack Lloyd
+ *
+ * Botan is released under the Simplified BSD License (see license.txt)
+ */
+@@ -9,6 +9,7 @@
+ #include <botan/base32.h>
+ #include <botan/internal/codec_base.h>
+ #include <botan/internal/rounding.h>
++#include <botan/internal/ct_utils.h>
+
+ namespace Botan {
+
+@@ -58,45 +59,11 @@ class Base32 final
+ return (round_up(input_length, m_encoding_bytes_out) * m_encoding_bytes_in) / m_encoding_bytes_out;
+ }
+
+- static void encode(char out[8], const uint8_t in[5]) noexcept
+- {
+- out[0] = Base32::m_bin_to_base32[(in[0] & 0xF8) >> 3];
+- out[1] = Base32::m_bin_to_base32[((in[0] & 0x07) << 2) | (in[1] >> 6)];
+- out[2] = Base32::m_bin_to_base32[((in[1] & 0x3E) >> 1)];
+- out[3] = Base32::m_bin_to_base32[((in[1] & 0x01) << 4) | (in[2] >> 4)];
+- out[4] = Base32::m_bin_to_base32[((in[2] & 0x0F) << 1) | (in[3] >> 7)];
+- out[5] = Base32::m_bin_to_base32[((in[3] & 0x7C) >> 2)];
+- out[6] = Base32::m_bin_to_base32[((in[3] & 0x03) << 3) | (in[4] >> 5)];
+- out[7] = Base32::m_bin_to_base32[in[4] & 0x1F];
+- }
++ static void encode(char out[8], const uint8_t in[5]) noexcept;
+
+- static inline uint8_t lookup_binary_value(char input) noexcept
+- {
+- return Base32::m_base32_to_bin[static_cast<uint8_t>(input)];
+- }
++ static uint8_t lookup_binary_value(char input) noexcept;
+
+- static inline bool check_bad_char(uint8_t bin, char input, bool ignore_ws)
+- {
+- if(bin <= 0x1F)
+- {
+- return true;
+- }
+- else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
+- {
+- std::string bad_char(1, input);
+- if(bad_char == "\t")
+- { bad_char = "\\t"; }
+- else if(bad_char == "\n")
+- { bad_char = "\\n"; }
+- else if(bad_char == "\r")
+- { bad_char = "\\r"; }
+-
+- throw Invalid_Argument(
+- std::string("base32_decode: invalid base32 character '") +
+- bad_char + "'");
+- }
+- return false;
+- }
++ static bool check_bad_char(uint8_t bin, char input, bool ignore_ws);
+
+ static void decode(uint8_t* out_ptr, const uint8_t decode_buf[8])
+ {
+@@ -116,55 +83,97 @@ class Base32 final
+ static const size_t m_encoding_bits = 5;
+ static const size_t m_remaining_bits_before_padding = 6;
+
+-
+ static const size_t m_encoding_bytes_in = 5;
+ static const size_t m_encoding_bytes_out = 8;
++ };
+
++namespace {
+
+- static const uint8_t m_bin_to_base32[32];
+- static const uint8_t m_base32_to_bin[256];
+- };
++char lookup_base32_char(uint8_t x)
++ {
++ BOTAN_DEBUG_ASSERT(x < 32);
++
++ const auto in_AZ = CT::Mask<uint8_t>::is_lt(x, 26);
++
++ const char c_AZ = 'A' + x;
++ const char c_27 = '2' + (x - 26);
++
++ return in_AZ.select(c_AZ, c_27);
++ }
++
++}
+
+-const uint8_t Base32::m_bin_to_base32[32] =
++//static
++void Base32::encode(char out[8], const uint8_t in[5]) noexcept
+ {
+- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+- '2', '3', '4', '5', '6', '7'
+- };
++ const uint8_t b0 = (in[0] & 0xF8) >> 3;
++ const uint8_t b1 = ((in[0] & 0x07) << 2) | (in[1] >> 6);
++ const uint8_t b2 = ((in[1] & 0x3E) >> 1);
++ const uint8_t b3 = ((in[1] & 0x01) << 4) | (in[2] >> 4);
++ const uint8_t b4 = ((in[2] & 0x0F) << 1) | (in[3] >> 7);
++ const uint8_t b5 = ((in[3] & 0x7C) >> 2);
++ const uint8_t b6 = ((in[3] & 0x03) << 3) | (in[4] >> 5);
++ const uint8_t b7 = in[4] & 0x1F;
++
++ out[0] = lookup_base32_char(b0);
++ out[1] = lookup_base32_char(b1);
++ out[2] = lookup_base32_char(b2);
++ out[3] = lookup_base32_char(b3);
++ out[4] = lookup_base32_char(b4);
++ out[5] = lookup_base32_char(b5);
++ out[6] = lookup_base32_char(b6);
++ out[7] = lookup_base32_char(b7);
++ }
+
+-/*
+-* base32 Decoder Lookup Table
+-* Warning: assumes ASCII encodings
+-*/
+-const uint8_t Base32::m_base32_to_bin[256] =
++//static
++uint8_t Base32::lookup_binary_value(char input) noexcept
+ {
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
+- 0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
+- 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
+- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+- 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+- };
++ const uint8_t c = static_cast<uint8_t>(input);
++
++ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('Z'));
++ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('2'), uint8_t('7'));
++
++ const auto is_equal = CT::Mask<uint8_t>::is_equal(c, uint8_t('='));
++ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, {
++ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r')
++ });
++
++ const uint8_t c_upper = c - uint8_t('A');
++ const uint8_t c_decim = c - uint8_t('2') + 26;
++
++ uint8_t ret = 0xFF; // default value
++
++ ret = is_alpha_upper.select(c_upper, ret);
++ ret = is_decimal.select(c_decim, ret);
++ ret = is_equal.select(0x81, ret);
++ ret = is_whitespace.select(0x80, ret);
++
++ return ret;
++ }
++
++//static
++bool Base32::check_bad_char(uint8_t bin, char input, bool ignore_ws)
++ {
++ if(bin <= 0x1F)
++ {
++ return true;
++ }
++ else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
++ {
++ std::string bad_char(1, input);
++ if(bad_char == "\t")
++ { bad_char = "\\t"; }
++ else if(bad_char == "\n")
++ { bad_char = "\\n"; }
++ else if(bad_char == "\r")
++ { bad_char = "\\r"; }
++
++ throw Invalid_Argument(
++ std::string("base32_decode: invalid base32 character '") +
++ bad_char + "'");
++ }
++ return false;
++ }
+
+ }
+
+diff --git a/src/lib/codec/base58/base58.cpp b/src/lib/codec/base58/base58.cpp
+index 5aa9441d3..a6d509012 100644
+--- a/src/lib/codec/base58/base58.cpp
++++ b/src/lib/codec/base58/base58.cpp
+@@ -1,5 +1,5 @@
+ /*
+-* (C) 2018 Jack Lloyd
++* (C) 2018,2020 Jack Lloyd
+ *
+ * Botan is released under the Simplified BSD License (see license.txt)
+ */
+@@ -9,6 +9,7 @@
+ #include <botan/bigint.h>
+ #include <botan/divide.h>
+ #include <botan/loadstor.h>
++#include <botan/internal/ct_utils.h>
+ #include <botan/hash.h>
+
+ namespace Botan {
+@@ -30,73 +31,52 @@ uint32_t sha256_d_checksum(const uint8_t input[], size_t input_length)
+ return load_be<uint32_t>(checksum.data(), 0);
+ }
+
+-class Character_Table
++char lookup_base58_char(uint8_t x)
+ {
+- public:
+- // This must be a literal constant
+- Character_Table(const char* alphabet) :
+- m_alphabet(alphabet)
+- {
+- const size_t alpha_len = std::strlen(alphabet);
+-
+- // 128 or up would flow into 0x80 invalid bit
+- if(alpha_len == 0 || alpha_len >= 128)
+- throw Invalid_Argument("Bad Character_Table string");
+-
+- m_alphabet_len = static_cast<uint8_t>(alpha_len);
+-
+- set_mem(m_tab, 256, 0x80);
+-
+- for(size_t i = 0; m_alphabet[i]; ++i)
+- {
+- const uint8_t b = static_cast<uint8_t>(m_alphabet[i]);
+- BOTAN_ASSERT(m_tab[b] == 0x80, "No duplicate chars");
+- m_tab[b] = static_cast<uint8_t>(i);
+- }
+- }
+-
+- uint8_t radix() const { return m_alphabet_len; }
+-
+- char operator[](size_t i) const
+- {
+- BOTAN_ASSERT(i < m_alphabet_len, "Character in range");
+- return m_alphabet[i];
+- }
+-
+- uint8_t code_for(char c) const
+- {
+- return m_tab[static_cast<uint8_t>(c)];
+- }
+-
+- private:
+- const char* m_alphabet;
+- uint8_t m_alphabet_len;
+- uint8_t m_tab[256];
+- };
+-
+-static const Character_Table& BASE58_ALPHA()
+- {
+- static const Character_Table base58_alpha("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz");
+- return base58_alpha;
++ // "123456789 ABCDEFGH JKLMN PQRSTUVWXYZ abcdefghijk mnopqrstuvwxyz"
++ BOTAN_DEBUG_ASSERT(x < 58);
++
++ const auto is_dec_19 = CT::Mask<uint8_t>::is_lte(x, 8);
++ const auto is_alpha_AH = CT::Mask<uint8_t>::is_within_range(x, 9, 16);
++ const auto is_alpha_JN = CT::Mask<uint8_t>::is_within_range(x, 17, 21);
++ const auto is_alpha_PZ = CT::Mask<uint8_t>::is_within_range(x, 22, 32);
++ const auto is_alpha_ak = CT::Mask<uint8_t>::is_within_range(x, 33, 43);
++ // otherwise in 'm'-'z'
++
++ const char c_19 = '1' + x;
++ const char c_AH = 'A' + (x - 9);
++ const char c_JN = 'J' + (x - 17);
++ const char c_PZ = 'P' + (x - 22);
++ const char c_ak = 'a' + (x - 33);
++ const char c_mz = 'm' + (x - 44);
++
++ char ret = c_mz;
++ ret = is_dec_19.select(c_19, ret);
++ ret = is_alpha_AH.select(c_AH, ret);
++ ret = is_alpha_JN.select(c_JN, ret);
++ ret = is_alpha_PZ.select(c_PZ, ret);
++ ret = is_alpha_ak.select(c_ak, ret);
++
++ return ret;
+ }
+
+ std::string base58_encode(BigInt v, size_t leading_zeros)
+ {
+- const auto base58 = BASE58_ALPHA();
++ const uint8_t radix = 58;
+
+ std::string result;
+ BigInt q;
+- uint8_t r;
+
+ while(v.is_nonzero())
+ {
+- ct_divide_u8(v, base58.radix(), q, r);
+- result.push_back(base58[r]);
++ uint8_t r;
++ ct_divide_u8(v, radix, q, r);
++ result.push_back(lookup_base58_char(r));
+ v.swap(q);
+ }
+
+ for(size_t i = 0; i != leading_zeros; ++i)
+- result.push_back(base58[0]);
++ result.push_back('1'); // 'zero' byte
+
+ return std::string(result.rbegin(), result.rend());
+ }
+@@ -112,6 +92,39 @@ size_t count_leading_zeros(const T input[], size_t input_length, Z zero)
+ return leading_zeros;
+ }
+
++uint8_t base58_value_of(char input)
++ {
++ // "123456789 ABCDEFGH JKLMN PQRSTUVWXYZ abcdefghijk mnopqrstuvwxyz"
++
++ const uint8_t c = static_cast<uint8_t>(input);
++
++ const auto is_dec_19 = CT::Mask<uint8_t>::is_within_range(c, uint8_t('1'), uint8_t('9'));
++ const auto is_alpha_AH = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('H'));
++ const auto is_alpha_JN = CT::Mask<uint8_t>::is_within_range(c, uint8_t('J'), uint8_t('N'));
++ const auto is_alpha_PZ = CT::Mask<uint8_t>::is_within_range(c, uint8_t('P'), uint8_t('Z'));
++
++ const auto is_alpha_ak = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('k'));
++ const auto is_alpha_mz = CT::Mask<uint8_t>::is_within_range(c, uint8_t('m'), uint8_t('z'));
++
++ const uint8_t c_dec_19 = c - uint8_t('1');
++ const uint8_t c_AH = c - uint8_t('A') + 9;
++ const uint8_t c_JN = c - uint8_t('J') + 17;
++ const uint8_t c_PZ = c - uint8_t('P') + 22;
++
++ const uint8_t c_ak = c - uint8_t('a') + 33;
++ const uint8_t c_mz = c - uint8_t('m') + 44;
++
++ uint8_t ret = 0xFF; // default value
++
++ ret = is_dec_19.select(c_dec_19, ret);
++ ret = is_alpha_AH.select(c_AH, ret);
++ ret = is_alpha_JN.select(c_JN, ret);
++ ret = is_alpha_PZ.select(c_PZ, ret);
++ ret = is_alpha_ak.select(c_ak, ret);
++ ret = is_alpha_mz.select(c_mz, ret);
++ return ret;
++ }
++
+ }
+
+ std::string base58_encode(const uint8_t input[], size_t input_length)
+@@ -130,9 +143,7 @@ std::string base58_check_encode(const uint8_t input[], size_t input_length)
+
+ std::vector<uint8_t> base58_decode(const char input[], size_t input_length)
+ {
+- const auto base58 = BASE58_ALPHA();
+-
+- const size_t leading_zeros = count_leading_zeros(input, input_length, base58[0]);
++ const size_t leading_zeros = count_leading_zeros(input, input_length, '1');
+
+ BigInt v;
+
+@@ -143,12 +154,12 @@ std::vector<uint8_t> base58_decode(const char input[], size_t input_length)
+ if(c == ' ' || c == '\n')
+ continue;
+
+- const size_t idx = base58.code_for(c);
++ const uint8_t idx = base58_value_of(c);
+
+- if(idx == 0x80)
++ if(idx == 0xFF)
+ throw Decoding_Error("Invalid base58");
+
+- v *= base58.radix();
++ v *= 58;
+ v += idx;
+ }
+
+diff --git a/src/lib/codec/base64/base64.cpp b/src/lib/codec/base64/base64.cpp
+index b4f78bca0..bb286cc6e 100644
+--- a/src/lib/codec/base64/base64.cpp
++++ b/src/lib/codec/base64/base64.cpp
+@@ -1,6 +1,6 @@
+ /*
+ * Base64 Encoding and Decoding
+-* (C) 2010,2015 Jack Lloyd
++* (C) 2010,2015,2020 Jack Lloyd
+ *
+ * Botan is released under the Simplified BSD License (see license.txt)
+ */
+@@ -9,6 +9,7 @@
+ #include <botan/internal/codec_base.h>
+ #include <botan/exceptn.h>
+ #include <botan/internal/rounding.h>
++#include <botan/internal/ct_utils.h>
+
+ namespace Botan {
+
+@@ -58,41 +59,11 @@ class Base64 final
+ return (round_up(input_length, m_encoding_bytes_out) * m_encoding_bytes_in) / m_encoding_bytes_out;
+ }
+
+- static void encode(char out[8], const uint8_t in[5]) noexcept
+- {
+- out[0] = Base64::m_bin_to_base64[(in[0] & 0xFC) >> 2];
+- out[1] = Base64::m_bin_to_base64[((in[0] & 0x03) << 4) | (in[1] >> 4)];
+- out[2] = Base64::m_bin_to_base64[((in[1] & 0x0F) << 2) | (in[2] >> 6)];
+- out[3] = Base64::m_bin_to_base64[in[2] & 0x3F];
+- }
++ static void encode(char out[8], const uint8_t in[5]) noexcept;
+
+- static inline uint8_t lookup_binary_value(char input) noexcept
+- {
+- return Base64::m_base64_to_bin[static_cast<uint8_t>(input)];
+- }
++ static uint8_t lookup_binary_value(char input) noexcept;
+
+- static inline bool check_bad_char(uint8_t bin, char input, bool ignore_ws)
+- {
+- if(bin <= 0x3F)
+- {
+- return true;
+- }
+- else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
+- {
+- std::string bad_char(1, input);
+- if(bad_char == "\t")
+- { bad_char = "\\t"; }
+- else if(bad_char == "\n")
+- { bad_char = "\\n"; }
+- else if(bad_char == "\r")
+- { bad_char = "\\r"; }
+-
+- throw Invalid_Argument(
+- std::string("base64_decode: invalid base64 character '") +
+- bad_char + "'");
+- }
+- return false;
+- }
++ static bool check_bad_char(uint8_t bin, char input, bool ignore_ws);
+
+ static void decode(uint8_t* out_ptr, const uint8_t decode_buf[4])
+ {
+@@ -110,57 +81,104 @@ class Base64 final
+ static const size_t m_encoding_bits = 6;
+ static const size_t m_remaining_bits_before_padding = 8;
+
+-
+ static const size_t m_encoding_bytes_in = 3;
+ static const size_t m_encoding_bytes_out = 4;
++ };
+
++char lookup_base64_char(uint8_t x)
++ {
++ BOTAN_DEBUG_ASSERT(x < 64);
++
++ const auto in_az = CT::Mask<uint8_t>::is_within_range(x, 26, 51);
++ const auto in_09 = CT::Mask<uint8_t>::is_within_range(x, 52, 61);
++ const auto eq_plus = CT::Mask<uint8_t>::is_equal(x, 62);
++ const auto eq_slash = CT::Mask<uint8_t>::is_equal(x, 63);
++
++ const char c_AZ = 'A' + x;
++ const char c_az = 'a' + (x - 26);
++ const char c_09 = '0' + (x - 2*26);
++ const char c_plus = '+';
++ const char c_slash = '/';
++
++ char ret = c_AZ;
++ ret = in_az.select(c_az, ret);
++ ret = in_09.select(c_09, ret);
++ ret = eq_plus.select(c_plus, ret);
++ ret = eq_slash.select(c_slash, ret);
++
++ return ret;
++ }
+
+- static const uint8_t m_bin_to_base64[64];
+- static const uint8_t m_base64_to_bin[256];
+- };
++//static
++void Base64::encode(char out[8], const uint8_t in[5]) noexcept
++ {
++ const uint8_t b0 = (in[0] & 0xFC) >> 2;
++ const uint8_t b1 = ((in[0] & 0x03) << 4) | (in[1] >> 4);
++ const uint8_t b2 = ((in[1] & 0x0F) << 2) | (in[2] >> 6);
++ const uint8_t b3 = in[2] & 0x3F;
++ out[0] = lookup_base64_char(b0);
++ out[1] = lookup_base64_char(b1);
++ out[2] = lookup_base64_char(b2);
++ out[3] = lookup_base64_char(b3);
++ }
+
+-const uint8_t Base64::m_bin_to_base64[64] =
++//static
++uint8_t Base64::lookup_binary_value(char input) noexcept
+ {
+- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
+- };
++ const uint8_t c = static_cast<uint8_t>(input);
++ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('Z'));
++ const auto is_alpha_lower = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('z'));
++ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('0'), uint8_t('9'));
++
++ const auto is_plus = CT::Mask<uint8_t>::is_equal(c, uint8_t('+'));
++ const auto is_slash = CT::Mask<uint8_t>::is_equal(c, uint8_t('/'));
++ const auto is_equal = CT::Mask<uint8_t>::is_equal(c, uint8_t('='));
++
++ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, {
++ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r')
++ });
++
++ const uint8_t c_upper = c - uint8_t('A');
++ const uint8_t c_lower = c - uint8_t('a') + 26;
++ const uint8_t c_decim = c - uint8_t('0') + 2*26;
++
++ uint8_t ret = 0xFF; // default value
++
++ ret = is_alpha_upper.select(c_upper, ret);
++ ret = is_alpha_lower.select(c_lower, ret);
++ ret = is_decimal.select(c_decim, ret);
++ ret = is_plus.select(62, ret);
++ ret = is_slash.select(63, ret);
++ ret = is_equal.select(0x81, ret);
++ ret = is_whitespace.select(0x80, ret);
++
++ return ret;
++ }
+
+-/*
+-* base64 Decoder Lookup Table
+-* Warning: assumes ASCII encodings
+-*/
+-const uint8_t Base64::m_base64_to_bin[256] =
++//static
++bool Base64::check_bad_char(uint8_t bin, char input, bool ignore_ws)
+ {
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
+- 0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35,
+- 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF,
+- 0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
+- 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
+- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+- 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C,
+- 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+- 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
+- 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+- };
++ if(bin <= 0x3F)
++ {
++ return true;
++ }
++ else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
++ {
++ std::string bad_char(1, input);
++ if(bad_char == "\t")
++ { bad_char = "\\t"; }
++ else if(bad_char == "\n")
++ { bad_char = "\\n"; }
++ else if(bad_char == "\r")
++ { bad_char = "\\r"; }
++
++ throw Invalid_Argument(
++ std::string("base64_decode: invalid base64 character '") +
++ bad_char + "'");
++ }
++ return false;
++ }
++
+ }
+
+ size_t base64_encode(char out[],
+diff --git a/src/lib/codec/hex/hex.cpp b/src/lib/codec/hex/hex.cpp
+index 6bbd7c28e..1ae21f398 100644
+--- a/src/lib/codec/hex/hex.cpp
++++ b/src/lib/codec/hex/hex.cpp
+@@ -1,6 +1,6 @@
+ /*
+ * Hex Encoding and Decoding
+-* (C) 2010 Jack Lloyd
++* (C) 2010,2020 Jack Lloyd
+ *
+ * Botan is released under the Simplified BSD License (see license.txt)
+ */
+@@ -8,29 +8,38 @@
+ #include <botan/hex.h>
+ #include <botan/mem_ops.h>
+ #include <botan/exceptn.h>
++#include <botan/internal/ct_utils.h>
+
+ namespace Botan {
+
++namespace {
++
++char hex_encode_nibble(uint8_t n, bool uppercase)
++ {
++ BOTAN_DEBUG_ASSERT(n <= 15);
++
++ const auto in_09 = CT::Mask<uint8_t>::is_lt(n, 10);
++
++ const char c_09 = n + '0';
++ const char c_af = n + (uppercase ? 'A' : 'a') - 10;
++
++ return in_09.select(c_09, c_af);
++ }
++
++}
++
+ void hex_encode(char output[],
+ const uint8_t input[],
+ size_t input_length,
+ bool uppercase)
+ {
+- static const uint8_t BIN_TO_HEX_UPPER[16] = {
+- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
+- 'A', 'B', 'C', 'D', 'E', 'F' };
+-
+- static const uint8_t BIN_TO_HEX_LOWER[16] = {
+- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
+- 'a', 'b', 'c', 'd', 'e', 'f' };
+-
+- const uint8_t* tbl = uppercase ? BIN_TO_HEX_UPPER : BIN_TO_HEX_LOWER;
+-
+ for(size_t i = 0; i != input_length; ++i)
+ {
+- uint8_t x = input[i];
+- output[2*i ] = tbl[(x >> 4) & 0x0F];
+- output[2*i+1] = tbl[(x ) & 0x0F];
++ const uint8_t n0 = (input[i] >> 4) & 0xF;
++ const uint8_t n1 = (input[i] ) & 0xF;
++
++ output[2*i ] = hex_encode_nibble(n0, uppercase);
++ output[2*i+1] = hex_encode_nibble(n1, uppercase);
+ }
+ }
+
+@@ -46,49 +55,43 @@ std::string hex_encode(const uint8_t input[],
+ return output;
+ }
+
++namespace {
++
++uint8_t hex_char_to_bin(char input)
++ {
++ const uint8_t c = static_cast<uint8_t>(input);
++
++ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('F'));
++ const auto is_alpha_lower = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('f'));
++ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('0'), uint8_t('9'));
++
++ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, {
++ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r')
++ });
++
++ const uint8_t c_upper = c - uint8_t('A') + 10;
++ const uint8_t c_lower = c - uint8_t('a') + 10;
++ const uint8_t c_decim = c - uint8_t('0');
++
++ uint8_t ret = 0xFF; // default value
++
++ ret = is_alpha_upper.select(c_upper, ret);
++ ret = is_alpha_lower.select(c_lower, ret);
++ ret = is_decimal.select(c_decim, ret);
++ ret = is_whitespace.select(0x80, ret);
++
++ return ret;
++ }
++
++}
++
++
+ size_t hex_decode(uint8_t output[],
+ const char input[],
+ size_t input_length,
+ size_t& input_consumed,
+ bool ignore_ws)
+ {
+- /*
+- * Mapping of hex characters to either their binary equivalent
+- * or to an error code.
+- * If valid hex (0-9 A-F a-f), the value.
+- * If whitespace, then 0x80
+- * Otherwise 0xFF
+- * Warning: this table assumes ASCII character encodings
+- */
+-
+- static const uint8_t HEX_TO_BIN[256] = {
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
+- 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01,
+- 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
+- 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C,
+- 0x0D, 0x0E, 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
+-
+ uint8_t* out_ptr = output;
+ bool top_nibble = true;
+
+@@ -96,7 +99,7 @@ size_t hex_decode(uint8_t output[],
+
+ for(size_t i = 0; i != input_length; ++i)
+ {
+- const uint8_t bin = HEX_TO_BIN[static_cast<uint8_t>(input[i])];
++ const uint8_t bin = hex_char_to_bin(input[i]);
+
+ if(bin >= 0x10)
+ {
+diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h
+index 17737a97c..f2e745293 100644
+--- a/src/lib/utils/ct_utils.h
++++ b/src/lib/utils/ct_utils.h
+@@ -183,6 +183,30 @@ class Mask
+ return ~Mask<T>::is_lt(x, y);
+ }
+
++ static Mask<T> is_within_range(T v, T l, T u)
++ {
++ //return Mask<T>::is_gte(v, l) & Mask<T>::is_lte(v, u);
++
++ const T v_lt_l = v^((v^l) | ((v-l)^v));
++ const T v_gt_u = u^((u^v) | ((u-v)^u));
++ const T either = v_lt_l | v_gt_u;
++ return ~Mask<T>(expand_top_bit(either));
++ }
++
++ static Mask<T> is_any_of(T v, std::initializer_list<T> accepted)
++ {
++ T accept = 0;
++
++ for(auto a: accepted)
++ {
++ const T diff = a ^ v;
++ const T eq_zero = ~diff & (diff - 1);
++ accept |= eq_zero;
++ }
++
++ return Mask<T>(expand_top_bit(accept));
++ }
++
+ /**
+ * AND-combine two masks
+ */
+--
+2.31.1
+