diff options
| author | Ariadne Conill <ariadne@dereferenced.org> | 2021-06-09 14:00:21 -0600 |
|---|---|---|
| committer | Ariadne Conill <ariadne@dereferenced.org> | 2021-06-09 14:10:21 -0600 |
| commit | f7d64f9e625a0d6b1b2e976115fe69d82e1bb68a (patch) | |
| tree | bd9419e4755005299c8a9ba87d0a9eaaf9e7f903 | |
| parent | 6061a647f58c5476f13b74979660bd8b3309f980 (diff) | |
main/botan: add mitigation for CVE-2021-24115
| -rw-r--r-- | main/botan/APKBUILD | 12 | ||||
| -rw-r--r-- | main/botan/CVE-2021-24115.patch | 818 |
2 files changed, 827 insertions, 3 deletions
diff --git a/main/botan/APKBUILD b/main/botan/APKBUILD index eef6f931040..d16157cac90 100644 --- a/main/botan/APKBUILD +++ b/main/botan/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=botan pkgver=2.11.0 -pkgrel=3 +pkgrel=4 pkgdesc="Crypto and TLS for C++11" url="https://botan.randombit.net/" arch="all" @@ -10,10 +10,13 @@ license="BSD-2-Clause" depends_dev="boost-dev bzip2-dev openssl-dev sqlite-dev xz-dev zlib-dev" makedepends="$depends_dev python3" subpackages="$pkgname-dev $pkgname-doc $pkgname-libs" -source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz" +source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz + CVE-2021-24115.patch" builddir="$srcdir/Botan-$pkgver" # secfixes: +# 2.11.0-r4: +# - CVE-2021-24115 # 2.9.0-r0: # - CVE-2018-20187 # 2.7.0-r0: @@ -51,4 +54,7 @@ package() { rm -rf "$pkgdir"/usr/lib/python* } -sha512sums="a697a7f29788afc561cde35431e65e2f37e40fd45af89a6d060bf9988d28089905c6a1c005f9b23fb377547cd7a96a41f62c8d2f61a7f80d1ca1b9ccf857a2ce Botan-2.11.0.tar.xz" +sha512sums=" +a697a7f29788afc561cde35431e65e2f37e40fd45af89a6d060bf9988d28089905c6a1c005f9b23fb377547cd7a96a41f62c8d2f61a7f80d1ca1b9ccf857a2ce Botan-2.11.0.tar.xz +41fd0beab7aaf8965272129cdc6741e16061f754412c8c4bd9b4e56b29a3f375790aed6fc9bef11ad246ed46230ea4fcc7b3b5d6403c0f9d4cb6e9c9728c6764 CVE-2021-24115.patch +" diff --git a/main/botan/CVE-2021-24115.patch b/main/botan/CVE-2021-24115.patch new file mode 100644 index 00000000000..8726df6b438 --- /dev/null +++ b/main/botan/CVE-2021-24115.patch @@ -0,0 +1,818 @@ +From 8f7846f60b2bee43990a27f4e725980742bbb48f Mon Sep 17 00:00:00 2001 +From: Jack Lloyd <jack@randombit.net> +Date: Tue, 15 Dec 2020 06:59:08 -0500 +Subject: [PATCH] Backport of #2543 to release-2 + +--- + src/lib/codec/base32/base32.cpp | 167 ++++++++++++++++--------------- + src/lib/codec/base58/base58.cpp | 129 +++++++++++++----------- + src/lib/codec/base64/base64.cpp | 172 ++++++++++++++++++-------------- + src/lib/codec/hex/hex.cpp | 107 ++++++++++---------- + src/lib/utils/ct_utils.h | 24 +++++ + 5 files changed, 332 insertions(+), 267 deletions(-) + +diff --git a/src/lib/codec/base32/base32.cpp b/src/lib/codec/base32/base32.cpp +index fc9883c86..224dae991 100644 +--- a/src/lib/codec/base32/base32.cpp ++++ b/src/lib/codec/base32/base32.cpp +@@ -1,7 +1,7 @@ + /* + * Base32 Encoding and Decoding + * (C) 2018 Erwan Chaussy +-* (C) 2018 Jack Lloyd ++* (C) 2018,2020 Jack Lloyd + * + * Botan is released under the Simplified BSD License (see license.txt) + */ +@@ -9,6 +9,7 @@ + #include <botan/base32.h> + #include <botan/internal/codec_base.h> + #include <botan/internal/rounding.h> ++#include <botan/internal/ct_utils.h> + + namespace Botan { + +@@ -58,45 +59,11 @@ class Base32 final + return (round_up(input_length, m_encoding_bytes_out) * m_encoding_bytes_in) / m_encoding_bytes_out; + } + +- static void encode(char out[8], const uint8_t in[5]) noexcept +- { +- out[0] = Base32::m_bin_to_base32[(in[0] & 0xF8) >> 3]; +- out[1] = Base32::m_bin_to_base32[((in[0] & 0x07) << 2) | (in[1] >> 6)]; +- out[2] = Base32::m_bin_to_base32[((in[1] & 0x3E) >> 1)]; +- out[3] = Base32::m_bin_to_base32[((in[1] & 0x01) << 4) | (in[2] >> 4)]; +- out[4] = Base32::m_bin_to_base32[((in[2] & 0x0F) << 1) | (in[3] >> 7)]; +- out[5] = Base32::m_bin_to_base32[((in[3] & 0x7C) >> 2)]; +- out[6] = Base32::m_bin_to_base32[((in[3] & 0x03) << 3) | (in[4] >> 5)]; +- out[7] = Base32::m_bin_to_base32[in[4] & 0x1F]; +- } ++ static void encode(char out[8], const uint8_t in[5]) noexcept; + +- static inline uint8_t lookup_binary_value(char input) noexcept +- { +- return Base32::m_base32_to_bin[static_cast<uint8_t>(input)]; +- } ++ static uint8_t lookup_binary_value(char input) noexcept; + +- static inline bool check_bad_char(uint8_t bin, char input, bool ignore_ws) +- { +- if(bin <= 0x1F) +- { +- return true; +- } +- else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws))) +- { +- std::string bad_char(1, input); +- if(bad_char == "\t") +- { bad_char = "\\t"; } +- else if(bad_char == "\n") +- { bad_char = "\\n"; } +- else if(bad_char == "\r") +- { bad_char = "\\r"; } +- +- throw Invalid_Argument( +- std::string("base32_decode: invalid base32 character '") + +- bad_char + "'"); +- } +- return false; +- } ++ static bool check_bad_char(uint8_t bin, char input, bool ignore_ws); + + static void decode(uint8_t* out_ptr, const uint8_t decode_buf[8]) + { +@@ -116,55 +83,97 @@ class Base32 final + static const size_t m_encoding_bits = 5; + static const size_t m_remaining_bits_before_padding = 6; + +- + static const size_t m_encoding_bytes_in = 5; + static const size_t m_encoding_bytes_out = 8; ++ }; + ++namespace { + +- static const uint8_t m_bin_to_base32[32]; +- static const uint8_t m_base32_to_bin[256]; +- }; ++char lookup_base32_char(uint8_t x) ++ { ++ BOTAN_DEBUG_ASSERT(x < 32); ++ ++ const auto in_AZ = CT::Mask<uint8_t>::is_lt(x, 26); ++ ++ const char c_AZ = 'A' + x; ++ const char c_27 = '2' + (x - 26); ++ ++ return in_AZ.select(c_AZ, c_27); ++ } ++ ++} + +-const uint8_t Base32::m_bin_to_base32[32] = ++//static ++void Base32::encode(char out[8], const uint8_t in[5]) noexcept + { +- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', +- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', +- '2', '3', '4', '5', '6', '7' +- }; ++ const uint8_t b0 = (in[0] & 0xF8) >> 3; ++ const uint8_t b1 = ((in[0] & 0x07) << 2) | (in[1] >> 6); ++ const uint8_t b2 = ((in[1] & 0x3E) >> 1); ++ const uint8_t b3 = ((in[1] & 0x01) << 4) | (in[2] >> 4); ++ const uint8_t b4 = ((in[2] & 0x0F) << 1) | (in[3] >> 7); ++ const uint8_t b5 = ((in[3] & 0x7C) >> 2); ++ const uint8_t b6 = ((in[3] & 0x03) << 3) | (in[4] >> 5); ++ const uint8_t b7 = in[4] & 0x1F; ++ ++ out[0] = lookup_base32_char(b0); ++ out[1] = lookup_base32_char(b1); ++ out[2] = lookup_base32_char(b2); ++ out[3] = lookup_base32_char(b3); ++ out[4] = lookup_base32_char(b4); ++ out[5] = lookup_base32_char(b5); ++ out[6] = lookup_base32_char(b6); ++ out[7] = lookup_base32_char(b7); ++ } + +-/* +-* base32 Decoder Lookup Table +-* Warning: assumes ASCII encodings +-*/ +-const uint8_t Base32::m_base32_to_bin[256] = ++//static ++uint8_t Base32::lookup_binary_value(char input) noexcept + { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, +- 0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, +- 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, +- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, +- 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +- }; ++ const uint8_t c = static_cast<uint8_t>(input); ++ ++ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('Z')); ++ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('2'), uint8_t('7')); ++ ++ const auto is_equal = CT::Mask<uint8_t>::is_equal(c, uint8_t('=')); ++ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, { ++ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r') ++ }); ++ ++ const uint8_t c_upper = c - uint8_t('A'); ++ const uint8_t c_decim = c - uint8_t('2') + 26; ++ ++ uint8_t ret = 0xFF; // default value ++ ++ ret = is_alpha_upper.select(c_upper, ret); ++ ret = is_decimal.select(c_decim, ret); ++ ret = is_equal.select(0x81, ret); ++ ret = is_whitespace.select(0x80, ret); ++ ++ return ret; ++ } ++ ++//static ++bool Base32::check_bad_char(uint8_t bin, char input, bool ignore_ws) ++ { ++ if(bin <= 0x1F) ++ { ++ return true; ++ } ++ else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws))) ++ { ++ std::string bad_char(1, input); ++ if(bad_char == "\t") ++ { bad_char = "\\t"; } ++ else if(bad_char == "\n") ++ { bad_char = "\\n"; } ++ else if(bad_char == "\r") ++ { bad_char = "\\r"; } ++ ++ throw Invalid_Argument( ++ std::string("base32_decode: invalid base32 character '") + ++ bad_char + "'"); ++ } ++ return false; ++ } + + } + +diff --git a/src/lib/codec/base58/base58.cpp b/src/lib/codec/base58/base58.cpp +index 5aa9441d3..a6d509012 100644 +--- a/src/lib/codec/base58/base58.cpp ++++ b/src/lib/codec/base58/base58.cpp +@@ -1,5 +1,5 @@ + /* +-* (C) 2018 Jack Lloyd ++* (C) 2018,2020 Jack Lloyd + * + * Botan is released under the Simplified BSD License (see license.txt) + */ +@@ -9,6 +9,7 @@ + #include <botan/bigint.h> + #include <botan/divide.h> + #include <botan/loadstor.h> ++#include <botan/internal/ct_utils.h> + #include <botan/hash.h> + + namespace Botan { +@@ -30,73 +31,52 @@ uint32_t sha256_d_checksum(const uint8_t input[], size_t input_length) + return load_be<uint32_t>(checksum.data(), 0); + } + +-class Character_Table ++char lookup_base58_char(uint8_t x) + { +- public: +- // This must be a literal constant +- Character_Table(const char* alphabet) : +- m_alphabet(alphabet) +- { +- const size_t alpha_len = std::strlen(alphabet); +- +- // 128 or up would flow into 0x80 invalid bit +- if(alpha_len == 0 || alpha_len >= 128) +- throw Invalid_Argument("Bad Character_Table string"); +- +- m_alphabet_len = static_cast<uint8_t>(alpha_len); +- +- set_mem(m_tab, 256, 0x80); +- +- for(size_t i = 0; m_alphabet[i]; ++i) +- { +- const uint8_t b = static_cast<uint8_t>(m_alphabet[i]); +- BOTAN_ASSERT(m_tab[b] == 0x80, "No duplicate chars"); +- m_tab[b] = static_cast<uint8_t>(i); +- } +- } +- +- uint8_t radix() const { return m_alphabet_len; } +- +- char operator[](size_t i) const +- { +- BOTAN_ASSERT(i < m_alphabet_len, "Character in range"); +- return m_alphabet[i]; +- } +- +- uint8_t code_for(char c) const +- { +- return m_tab[static_cast<uint8_t>(c)]; +- } +- +- private: +- const char* m_alphabet; +- uint8_t m_alphabet_len; +- uint8_t m_tab[256]; +- }; +- +-static const Character_Table& BASE58_ALPHA() +- { +- static const Character_Table base58_alpha("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"); +- return base58_alpha; ++ // "123456789 ABCDEFGH JKLMN PQRSTUVWXYZ abcdefghijk mnopqrstuvwxyz" ++ BOTAN_DEBUG_ASSERT(x < 58); ++ ++ const auto is_dec_19 = CT::Mask<uint8_t>::is_lte(x, 8); ++ const auto is_alpha_AH = CT::Mask<uint8_t>::is_within_range(x, 9, 16); ++ const auto is_alpha_JN = CT::Mask<uint8_t>::is_within_range(x, 17, 21); ++ const auto is_alpha_PZ = CT::Mask<uint8_t>::is_within_range(x, 22, 32); ++ const auto is_alpha_ak = CT::Mask<uint8_t>::is_within_range(x, 33, 43); ++ // otherwise in 'm'-'z' ++ ++ const char c_19 = '1' + x; ++ const char c_AH = 'A' + (x - 9); ++ const char c_JN = 'J' + (x - 17); ++ const char c_PZ = 'P' + (x - 22); ++ const char c_ak = 'a' + (x - 33); ++ const char c_mz = 'm' + (x - 44); ++ ++ char ret = c_mz; ++ ret = is_dec_19.select(c_19, ret); ++ ret = is_alpha_AH.select(c_AH, ret); ++ ret = is_alpha_JN.select(c_JN, ret); ++ ret = is_alpha_PZ.select(c_PZ, ret); ++ ret = is_alpha_ak.select(c_ak, ret); ++ ++ return ret; + } + + std::string base58_encode(BigInt v, size_t leading_zeros) + { +- const auto base58 = BASE58_ALPHA(); ++ const uint8_t radix = 58; + + std::string result; + BigInt q; +- uint8_t r; + + while(v.is_nonzero()) + { +- ct_divide_u8(v, base58.radix(), q, r); +- result.push_back(base58[r]); ++ uint8_t r; ++ ct_divide_u8(v, radix, q, r); ++ result.push_back(lookup_base58_char(r)); + v.swap(q); + } + + for(size_t i = 0; i != leading_zeros; ++i) +- result.push_back(base58[0]); ++ result.push_back('1'); // 'zero' byte + + return std::string(result.rbegin(), result.rend()); + } +@@ -112,6 +92,39 @@ size_t count_leading_zeros(const T input[], size_t input_length, Z zero) + return leading_zeros; + } + ++uint8_t base58_value_of(char input) ++ { ++ // "123456789 ABCDEFGH JKLMN PQRSTUVWXYZ abcdefghijk mnopqrstuvwxyz" ++ ++ const uint8_t c = static_cast<uint8_t>(input); ++ ++ const auto is_dec_19 = CT::Mask<uint8_t>::is_within_range(c, uint8_t('1'), uint8_t('9')); ++ const auto is_alpha_AH = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('H')); ++ const auto is_alpha_JN = CT::Mask<uint8_t>::is_within_range(c, uint8_t('J'), uint8_t('N')); ++ const auto is_alpha_PZ = CT::Mask<uint8_t>::is_within_range(c, uint8_t('P'), uint8_t('Z')); ++ ++ const auto is_alpha_ak = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('k')); ++ const auto is_alpha_mz = CT::Mask<uint8_t>::is_within_range(c, uint8_t('m'), uint8_t('z')); ++ ++ const uint8_t c_dec_19 = c - uint8_t('1'); ++ const uint8_t c_AH = c - uint8_t('A') + 9; ++ const uint8_t c_JN = c - uint8_t('J') + 17; ++ const uint8_t c_PZ = c - uint8_t('P') + 22; ++ ++ const uint8_t c_ak = c - uint8_t('a') + 33; ++ const uint8_t c_mz = c - uint8_t('m') + 44; ++ ++ uint8_t ret = 0xFF; // default value ++ ++ ret = is_dec_19.select(c_dec_19, ret); ++ ret = is_alpha_AH.select(c_AH, ret); ++ ret = is_alpha_JN.select(c_JN, ret); ++ ret = is_alpha_PZ.select(c_PZ, ret); ++ ret = is_alpha_ak.select(c_ak, ret); ++ ret = is_alpha_mz.select(c_mz, ret); ++ return ret; ++ } ++ + } + + std::string base58_encode(const uint8_t input[], size_t input_length) +@@ -130,9 +143,7 @@ std::string base58_check_encode(const uint8_t input[], size_t input_length) + + std::vector<uint8_t> base58_decode(const char input[], size_t input_length) + { +- const auto base58 = BASE58_ALPHA(); +- +- const size_t leading_zeros = count_leading_zeros(input, input_length, base58[0]); ++ const size_t leading_zeros = count_leading_zeros(input, input_length, '1'); + + BigInt v; + +@@ -143,12 +154,12 @@ std::vector<uint8_t> base58_decode(const char input[], size_t input_length) + if(c == ' ' || c == '\n') + continue; + +- const size_t idx = base58.code_for(c); ++ const uint8_t idx = base58_value_of(c); + +- if(idx == 0x80) ++ if(idx == 0xFF) + throw Decoding_Error("Invalid base58"); + +- v *= base58.radix(); ++ v *= 58; + v += idx; + } + +diff --git a/src/lib/codec/base64/base64.cpp b/src/lib/codec/base64/base64.cpp +index b4f78bca0..bb286cc6e 100644 +--- a/src/lib/codec/base64/base64.cpp ++++ b/src/lib/codec/base64/base64.cpp +@@ -1,6 +1,6 @@ + /* + * Base64 Encoding and Decoding +-* (C) 2010,2015 Jack Lloyd ++* (C) 2010,2015,2020 Jack Lloyd + * + * Botan is released under the Simplified BSD License (see license.txt) + */ +@@ -9,6 +9,7 @@ + #include <botan/internal/codec_base.h> + #include <botan/exceptn.h> + #include <botan/internal/rounding.h> ++#include <botan/internal/ct_utils.h> + + namespace Botan { + +@@ -58,41 +59,11 @@ class Base64 final + return (round_up(input_length, m_encoding_bytes_out) * m_encoding_bytes_in) / m_encoding_bytes_out; + } + +- static void encode(char out[8], const uint8_t in[5]) noexcept +- { +- out[0] = Base64::m_bin_to_base64[(in[0] & 0xFC) >> 2]; +- out[1] = Base64::m_bin_to_base64[((in[0] & 0x03) << 4) | (in[1] >> 4)]; +- out[2] = Base64::m_bin_to_base64[((in[1] & 0x0F) << 2) | (in[2] >> 6)]; +- out[3] = Base64::m_bin_to_base64[in[2] & 0x3F]; +- } ++ static void encode(char out[8], const uint8_t in[5]) noexcept; + +- static inline uint8_t lookup_binary_value(char input) noexcept +- { +- return Base64::m_base64_to_bin[static_cast<uint8_t>(input)]; +- } ++ static uint8_t lookup_binary_value(char input) noexcept; + +- static inline bool check_bad_char(uint8_t bin, char input, bool ignore_ws) +- { +- if(bin <= 0x3F) +- { +- return true; +- } +- else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws))) +- { +- std::string bad_char(1, input); +- if(bad_char == "\t") +- { bad_char = "\\t"; } +- else if(bad_char == "\n") +- { bad_char = "\\n"; } +- else if(bad_char == "\r") +- { bad_char = "\\r"; } +- +- throw Invalid_Argument( +- std::string("base64_decode: invalid base64 character '") + +- bad_char + "'"); +- } +- return false; +- } ++ static bool check_bad_char(uint8_t bin, char input, bool ignore_ws); + + static void decode(uint8_t* out_ptr, const uint8_t decode_buf[4]) + { +@@ -110,57 +81,104 @@ class Base64 final + static const size_t m_encoding_bits = 6; + static const size_t m_remaining_bits_before_padding = 8; + +- + static const size_t m_encoding_bytes_in = 3; + static const size_t m_encoding_bytes_out = 4; ++ }; + ++char lookup_base64_char(uint8_t x) ++ { ++ BOTAN_DEBUG_ASSERT(x < 64); ++ ++ const auto in_az = CT::Mask<uint8_t>::is_within_range(x, 26, 51); ++ const auto in_09 = CT::Mask<uint8_t>::is_within_range(x, 52, 61); ++ const auto eq_plus = CT::Mask<uint8_t>::is_equal(x, 62); ++ const auto eq_slash = CT::Mask<uint8_t>::is_equal(x, 63); ++ ++ const char c_AZ = 'A' + x; ++ const char c_az = 'a' + (x - 26); ++ const char c_09 = '0' + (x - 2*26); ++ const char c_plus = '+'; ++ const char c_slash = '/'; ++ ++ char ret = c_AZ; ++ ret = in_az.select(c_az, ret); ++ ret = in_09.select(c_09, ret); ++ ret = eq_plus.select(c_plus, ret); ++ ret = eq_slash.select(c_slash, ret); ++ ++ return ret; ++ } + +- static const uint8_t m_bin_to_base64[64]; +- static const uint8_t m_base64_to_bin[256]; +- }; ++//static ++void Base64::encode(char out[8], const uint8_t in[5]) noexcept ++ { ++ const uint8_t b0 = (in[0] & 0xFC) >> 2; ++ const uint8_t b1 = ((in[0] & 0x03) << 4) | (in[1] >> 4); ++ const uint8_t b2 = ((in[1] & 0x0F) << 2) | (in[2] >> 6); ++ const uint8_t b3 = in[2] & 0x3F; ++ out[0] = lookup_base64_char(b0); ++ out[1] = lookup_base64_char(b1); ++ out[2] = lookup_base64_char(b2); ++ out[3] = lookup_base64_char(b3); ++ } + +-const uint8_t Base64::m_bin_to_base64[64] = ++//static ++uint8_t Base64::lookup_binary_value(char input) noexcept + { +- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', +- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', +- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', +- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', +- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' +- }; ++ const uint8_t c = static_cast<uint8_t>(input); ++ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('Z')); ++ const auto is_alpha_lower = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('z')); ++ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('0'), uint8_t('9')); ++ ++ const auto is_plus = CT::Mask<uint8_t>::is_equal(c, uint8_t('+')); ++ const auto is_slash = CT::Mask<uint8_t>::is_equal(c, uint8_t('/')); ++ const auto is_equal = CT::Mask<uint8_t>::is_equal(c, uint8_t('=')); ++ ++ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, { ++ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r') ++ }); ++ ++ const uint8_t c_upper = c - uint8_t('A'); ++ const uint8_t c_lower = c - uint8_t('a') + 26; ++ const uint8_t c_decim = c - uint8_t('0') + 2*26; ++ ++ uint8_t ret = 0xFF; // default value ++ ++ ret = is_alpha_upper.select(c_upper, ret); ++ ret = is_alpha_lower.select(c_lower, ret); ++ ret = is_decimal.select(c_decim, ret); ++ ret = is_plus.select(62, ret); ++ ret = is_slash.select(63, ret); ++ ret = is_equal.select(0x81, ret); ++ ret = is_whitespace.select(0x80, ret); ++ ++ return ret; ++ } + +-/* +-* base64 Decoder Lookup Table +-* Warning: assumes ASCII encodings +-*/ +-const uint8_t Base64::m_base64_to_bin[256] = ++//static ++bool Base64::check_bad_char(uint8_t bin, char input, bool ignore_ws) + { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, +- 0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35, +- 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF, +- 0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, +- 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, +- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, +- 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C, +- 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, +- 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, +- 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +- }; ++ if(bin <= 0x3F) ++ { ++ return true; ++ } ++ else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws))) ++ { ++ std::string bad_char(1, input); ++ if(bad_char == "\t") ++ { bad_char = "\\t"; } ++ else if(bad_char == "\n") ++ { bad_char = "\\n"; } ++ else if(bad_char == "\r") ++ { bad_char = "\\r"; } ++ ++ throw Invalid_Argument( ++ std::string("base64_decode: invalid base64 character '") + ++ bad_char + "'"); ++ } ++ return false; ++ } ++ + } + + size_t base64_encode(char out[], +diff --git a/src/lib/codec/hex/hex.cpp b/src/lib/codec/hex/hex.cpp +index 6bbd7c28e..1ae21f398 100644 +--- a/src/lib/codec/hex/hex.cpp ++++ b/src/lib/codec/hex/hex.cpp +@@ -1,6 +1,6 @@ + /* + * Hex Encoding and Decoding +-* (C) 2010 Jack Lloyd ++* (C) 2010,2020 Jack Lloyd + * + * Botan is released under the Simplified BSD License (see license.txt) + */ +@@ -8,29 +8,38 @@ + #include <botan/hex.h> + #include <botan/mem_ops.h> + #include <botan/exceptn.h> ++#include <botan/internal/ct_utils.h> + + namespace Botan { + ++namespace { ++ ++char hex_encode_nibble(uint8_t n, bool uppercase) ++ { ++ BOTAN_DEBUG_ASSERT(n <= 15); ++ ++ const auto in_09 = CT::Mask<uint8_t>::is_lt(n, 10); ++ ++ const char c_09 = n + '0'; ++ const char c_af = n + (uppercase ? 'A' : 'a') - 10; ++ ++ return in_09.select(c_09, c_af); ++ } ++ ++} ++ + void hex_encode(char output[], + const uint8_t input[], + size_t input_length, + bool uppercase) + { +- static const uint8_t BIN_TO_HEX_UPPER[16] = { +- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', +- 'A', 'B', 'C', 'D', 'E', 'F' }; +- +- static const uint8_t BIN_TO_HEX_LOWER[16] = { +- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', +- 'a', 'b', 'c', 'd', 'e', 'f' }; +- +- const uint8_t* tbl = uppercase ? BIN_TO_HEX_UPPER : BIN_TO_HEX_LOWER; +- + for(size_t i = 0; i != input_length; ++i) + { +- uint8_t x = input[i]; +- output[2*i ] = tbl[(x >> 4) & 0x0F]; +- output[2*i+1] = tbl[(x ) & 0x0F]; ++ const uint8_t n0 = (input[i] >> 4) & 0xF; ++ const uint8_t n1 = (input[i] ) & 0xF; ++ ++ output[2*i ] = hex_encode_nibble(n0, uppercase); ++ output[2*i+1] = hex_encode_nibble(n1, uppercase); + } + } + +@@ -46,49 +55,43 @@ std::string hex_encode(const uint8_t input[], + return output; + } + ++namespace { ++ ++uint8_t hex_char_to_bin(char input) ++ { ++ const uint8_t c = static_cast<uint8_t>(input); ++ ++ const auto is_alpha_upper = CT::Mask<uint8_t>::is_within_range(c, uint8_t('A'), uint8_t('F')); ++ const auto is_alpha_lower = CT::Mask<uint8_t>::is_within_range(c, uint8_t('a'), uint8_t('f')); ++ const auto is_decimal = CT::Mask<uint8_t>::is_within_range(c, uint8_t('0'), uint8_t('9')); ++ ++ const auto is_whitespace = CT::Mask<uint8_t>::is_any_of(c, { ++ uint8_t(' '), uint8_t('\t'), uint8_t('\n'), uint8_t('\r') ++ }); ++ ++ const uint8_t c_upper = c - uint8_t('A') + 10; ++ const uint8_t c_lower = c - uint8_t('a') + 10; ++ const uint8_t c_decim = c - uint8_t('0'); ++ ++ uint8_t ret = 0xFF; // default value ++ ++ ret = is_alpha_upper.select(c_upper, ret); ++ ret = is_alpha_lower.select(c_lower, ret); ++ ret = is_decimal.select(c_decim, ret); ++ ret = is_whitespace.select(0x80, ret); ++ ++ return ret; ++ } ++ ++} ++ ++ + size_t hex_decode(uint8_t output[], + const char input[], + size_t input_length, + size_t& input_consumed, + bool ignore_ws) + { +- /* +- * Mapping of hex characters to either their binary equivalent +- * or to an error code. +- * If valid hex (0-9 A-F a-f), the value. +- * If whitespace, then 0x80 +- * Otherwise 0xFF +- * Warning: this table assumes ASCII character encodings +- */ +- +- static const uint8_t HEX_TO_BIN[256] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, +- 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01, +- 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, +- 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, +- 0x0D, 0x0E, 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; +- + uint8_t* out_ptr = output; + bool top_nibble = true; + +@@ -96,7 +99,7 @@ size_t hex_decode(uint8_t output[], + + for(size_t i = 0; i != input_length; ++i) + { +- const uint8_t bin = HEX_TO_BIN[static_cast<uint8_t>(input[i])]; ++ const uint8_t bin = hex_char_to_bin(input[i]); + + if(bin >= 0x10) + { +diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h +index 17737a97c..f2e745293 100644 +--- a/src/lib/utils/ct_utils.h ++++ b/src/lib/utils/ct_utils.h +@@ -183,6 +183,30 @@ class Mask + return ~Mask<T>::is_lt(x, y); + } + ++ static Mask<T> is_within_range(T v, T l, T u) ++ { ++ //return Mask<T>::is_gte(v, l) & Mask<T>::is_lte(v, u); ++ ++ const T v_lt_l = v^((v^l) | ((v-l)^v)); ++ const T v_gt_u = u^((u^v) | ((u-v)^u)); ++ const T either = v_lt_l | v_gt_u; ++ return ~Mask<T>(expand_top_bit(either)); ++ } ++ ++ static Mask<T> is_any_of(T v, std::initializer_list<T> accepted) ++ { ++ T accept = 0; ++ ++ for(auto a: accepted) ++ { ++ const T diff = a ^ v; ++ const T eq_zero = ~diff & (diff - 1); ++ accept |= eq_zero; ++ } ++ ++ return Mask<T>(expand_top_bit(accept)); ++ } ++ + /** + * AND-combine two masks + */ +-- +2.31.1 + |