From 8fa876111604e494a754e452090bfdd8fccd64c6 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Mon, 20 Apr 2020 20:47:42 +0200 Subject: [PATCH 1/9] .su objects to gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 9bad79d..d4d27d5 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ *.lo *.a *.la +*.su *.log *.trs *.tar.xz -- 2.39.2 From ab1ccc1f4ceb5786bd722d3a66e870a67972b505 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Thu, 23 Apr 2020 21:57:50 +0200 Subject: [PATCH 2/9] Increase buffer size for base64 encoder (borrowed) base64 encoder apparently uses one byte more than the formula for base64 encoded size shows. This smashed a local variable, which was not used afterwards and did not cause problems, but triggered stack smash detector if the caller was compiled to use it. --- authfile.c | 2 +- configure.ac | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/authfile.c b/authfile.c index 93157a4..89d3243 100644 --- a/authfile.c +++ b/authfile.c @@ -190,7 +190,7 @@ struct _auth_obj authfile(const char *userid, const char *password, oldmask = umask(077); if ((fp = fopen(nfn, "w"))) { - int bsize = ((ao.datasize-1)/3+1)*4+1; + int bsize = ((ao.datasize-1)/3+1)*4+2; /* why +2 ??? */ char *b64 = alloca(bsize); if (b64_encode(ao.data, ao.datasize, b64, &bsize)) { diff --git a/configure.ac b/configure.ac index 8adf940..2ac5dd9 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([pam_pcsc_cr], 0.9.5) +AC_INIT([pam_pcsc_cr], 0.9.6) AC_CONFIG_SRCDIR([pam_pcsc_cr.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE @@ -11,6 +11,7 @@ AC_PROG_CC if test "X$CC" = "Xgcc"; then CFLAGS="$CFLAGS -Wall" fi +dnl -fstack-protector-all -fsanitize=address AC_PROG_MAKE_SET AC_SUBST(PROGS)dnl -- 2.39.2 From 6df3f2e61d2404c8673b64523b9e77de899f3878 Mon Sep 17 00:00:00 2001 
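Review bot: In authfile(), the `+2` on `bsize` sizes the alloca() buffer to what the encoder was observed to write rather than to a bound the encoder enforces, and the `/* why +2 ??? */` comment records that the cause is unknown. The commit message says the encoder wrote one byte past the buffer even though the capacity is handed to it through `&bsize`, which suggests b64_encode() does not check its output against that capacity; that check is where the overflow should be stopped. Until the cause is fixed, the comment should state what is known, e.g. `/* 4*ceil(n/3) chars + NUL + 1 extra byte the encoder was seen to write; b64_encode() should reject output larger than *bsize */`. authfile() starts and ends outside this hunk, and b64_encode() is not shown in it.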
From: Eugene Crosser Date: Mon, 26 Dec 2022 22:05:20 +0100 Subject: [PATCH 3/9] autoconf: update to newer autotools --- .gitignore | 1 + configure.ac | 14 ++++++-------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index d4d27d5..6a3d3d2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +*~ *.o *.lo *.a diff --git a/configure.ac b/configure.ac index 2ac5dd9..987690c 100644 --- a/configure.ac +++ b/configure.ac @@ -1,23 +1,23 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([pam_pcsc_cr], 0.9.6) +AC_INIT([pam_pcsc_cr],[0.9.6]) AC_CONFIG_SRCDIR([pam_pcsc_cr.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE -AM_CONFIG_HEADER([config.h]) -AC_LANG_C +AC_CONFIG_HEADERS([config.h]) +AC_LANG([C]) AC_PROG_CC if test "X$CC" = "Xgcc"; then - CFLAGS="$CFLAGS -Wall" + CFLAGS="$CFLAGS -Wall -fstack-protector-all -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" fi -dnl -fstack-protector-all -fsanitize=address +dnl make CFLAGS="-fsanitize=address -fno-omit-frame-pointer -g" LDFLAGS="-static-libasan" AC_PROG_MAKE_SET AC_SUBST(PROGS)dnl AC_SUBST(LIBPROGS)dnl AC_PROG_INSTALL -AM_PROG_LIBTOOL +LT_INIT PKG_PROG_PKG_CONFIG AC_CHECK_HEADERS([security/pam_appl.h], [], [ @@ -104,8 +104,6 @@ AS_IF([test "x$use_gcrypt" = "xyes"], [ AC_SUBST(CRYPTO_OBJS) dnl Checks for header files. -AC_HEADER_STDC -AC_HEADER_TIME AC_CHECK_HEADERS([winscard.h reader.h], [], [AC_MSG_ERROR([[pcsclite headers not found]])]) -- 2.39.2 From 582ef0444a7687b9d8b08b484d8584f5b35618e5 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Mon, 26 Dec 2022 22:59:12 +0100 Subject: [PATCH 4/9] autoconf: add hardening for clang --- configure.ac | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 987690c..5e02971 100644 --- a/configure.ac +++ b/configure.ac 
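Review bot: The hardening flags added under `if test "X$CC" = "Xgcc"` apply only when CC is literally `gcc`, so a build with `CC=cc`, a versioned `gcc-NN` or a cross-prefixed gcc silently gets neither `-fstack-protector-all` nor `_FORTIFY_SOURCE`. Probing each flag with a compile test (for example `AX_CHECK_COMPILE_FLAG` from autoconf-archive) and appending the accepted ones would make the result independent of the compiler's name. `_FORTIFY_SOURCE` also takes effect only when optimisation is enabled, so a user-supplied CFLAGS without `-O` leaves it inert; a `dnl` comment saying so next to the flag would help. The same name test is extended to clang in patch 4/9 and edited again in patches 6/9 and 9/9.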
@@ -10,8 +10,10 @@ AC_PROG_CC if test "X$CC" = "Xgcc"; then CFLAGS="$CFLAGS -Wall -fstack-protector-all -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" -fi dnl make CFLAGS="-fsanitize=address -fno-omit-frame-pointer -g" LDFLAGS="-static-libasan" +else if test "X$CC" = "Xclang"; then + CFLAGS="$CFLAGS -Wall -Wformat -Wformat-security -Werror=format-security -fstack-protector-all -fsanitize=safe-stack -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" +fi; fi AC_PROG_MAKE_SET AC_SUBST(PROGS)dnl -- 2.39.2 From a91fa6c2aaa95825f3d9db6c7ed9291e7b2b7263 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Mon, 26 Dec 2022 23:00:07 +0100 Subject: [PATCH 5/9] base64: do not add trailing '\n', cleanup test --- authfile.c | 2 +- base64.c | 1 - test_base64.c | 15 ++++++++------- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/authfile.c b/authfile.c index 89d3243..93157a4 100644 --- a/authfile.c +++ b/authfile.c @@ -190,7 +190,7 @@ struct _auth_obj authfile(const char *userid, const char *password, oldmask = umask(077); if ((fp = fopen(nfn, "w"))) { - int bsize = ((ao.datasize-1)/3+1)*4+2; /* why +2 ??? */ + int bsize = ((ao.datasize-1)/3+1)*4+1; char *b64 = alloca(bsize); if (b64_encode(ao.data, ao.datasize, b64, &bsize)) { diff --git a/base64.c b/base64.c index 8f16cdc..3ef6bb2 100644 --- a/base64.c +++ b/base64.c @@ -140,7 +140,6 @@ static int base64_encode_blockend(char* code_out, base64_encodestate* state_in) case step_A: break; } - *codechar++ = '\n'; return codechar - code_out; } diff --git a/test_base64.c b/test_base64.c index 2df9639..f099be2 100644 --- a/test_base64.c +++ b/test_base64.c 
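Review bot: `-fsanitize=safe-stack` in the new clang branch becomes a default for an artifact that is a PAM module, loaded into host programs that were not themselves built with SafeStack. SafeStack relies on runtime support supplied at link time, and the patch does not show that the instrumented module still loads and runs inside such a host; that should be tested before it ships as the default. The branch also uses `-D_FORTIFY_SOURCE=2` where the gcc branch uses `=3`, with nothing to say why. A comment such as `dnl clang: fortify level 2 because <reason>; safe-stack verified with <host program>` would record both decisions, with the bracketed parts filled in by the author.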
@@ -34,22 +34,23 @@ static unsigned char src[40] = "Quick brown fox jumps over the lazy dog"; int main(int argc, char *argv[]) { - char b64[80]; - unsigned char dst[44]; + int rc; + char b64[57]; /* Must be: ((ssize-1)/3+1)*4+1) = 57 */ + char unsigned dst[42]; /* Must be: strlen(b64)*3/4 = 42 */ int bsize, dsize; - printf("src=\"%s\" (%d)\n", src, (int)sizeof(src)); + printf("src=\"%s\" (%lu/%d)\n", src, strlen((char *)src), (int)sizeof(src)); bsize = sizeof(b64); if (b64_encode(src, sizeof(src), b64, &bsize)) { fprintf(stderr, "encode error\n"); return 1; } - printf("b64=\"%s\" (%d)\n", b64, bsize); + printf("b64=\"%s\" (%lu/%d)\n", b64, strlen(b64), bsize); dsize = sizeof(dst); - if (b64_decode(b64, dst, &dsize)) { - fprintf(stderr, "decode error\n"); + if ((rc = b64_decode(b64, dst, &dsize))) { + fprintf(stderr, "decode error, rc=%d\n", rc); return 1; } - printf("dst=\"%s\" (%d)\n", dst, dsize); + printf("dst=\"%s\" (%lu/%d)\n", dst, strlen((char *)dst), dsize); return !(dsize == sizeof(src) && !memcmp(src, dst, dsize)); } -- 2.39.2 From cc9b90217adb5f69875fb9196adf08473b618ad0 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Fri, 2 Jun 2023 00:16:51 +0200 Subject: [PATCH 6/9] harmonize types --- authfile.c | 10 +++++----- authfile.h | 8 ++++---- authobj.c | 34 +++++++++++++++++----------------- authobj.h | 12 ++++++------ base64.c | 5 +++++ configure.ac | 7 +++---- crypto.c | 11 ++++++----- crypto.h | 10 +++++----- crypto_if.h | 18 +++++++++--------- gnu_crypto.c | 18 +++++++++--------- ossl_crypto.c | 18 +++++++++--------- pam_cr_setup.c | 10 +++++----- pam_pcsc_cr.c | 8 ++++---- pcsc_cr.c | 3 ++- pcsc_cr.h | 4 ++-- serial.c | 16 ++++++++-------- serial.h | 12 ++++++------ test_auth.c | 20 ++++++++++---------- test_chalresp.c | 10 +++++----- test_crypto.c | 10 +++++----- test_serial.c | 8 ++++---- tom_crypto.c | 18 +++++++++--------- 22 files changed, 138 insertions(+), 132 deletions(-) diff --git a/authfile.c b/authfile.c index 93157a4..17354b8 100644 
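Review bot: The three rewritten printf() calls pass `strlen()` results to `%lu`, but `strlen()` returns `size_t`, which is not `unsigned long` on every ABI, so format and argument can mismatch. Use `%zu`, e.g. `printf("b64=\"%s\" (%zu/%d)\n", b64, strlen(b64), bsize);`. The new sizing comment `((ssize-1)/3+1)*4+1)` has an unbalanced parenthesis, and `char unsigned dst[42]` is valid but reads oddly next to the `unsigned char src[40]` declared just above.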
--- a/authfile.c +++ b/authfile.c @@ -108,11 +108,11 @@ int parse(char * const buf, const int argc, const char *argv[const]) } struct _auth_obj authfile(const char *userid, const char *password, - void (*update_nonce)(char *nonce, const int nonsize), - const unsigned char *secret, const int secsize, - const unsigned char *payload, const int paylsize, + void (*update_nonce)(char *nonce, const size_t nonsize), + const unsigned char *secret, const size_t secsize, + const unsigned char *payload, const size_t paylsize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, - const int csize)) + const size_t csize)) { struct _auth_obj ret = {0}; const struct passwd *pw = NULL; @@ -200,7 +200,7 @@ struct _auth_obj authfile(const char *userid, const char *password, ret.err = strerror(errno); } if (st.st_uid || st.st_gid) { - if (fchown(fileno(fp), st.st_uid, st.st_gid)) /*ign*/; + if (fchown(fileno(fp), st.st_uid, st.st_gid)) {/*ign*/;} } if (fclose(fp) < 0) { ret.err = strerror(errno); diff --git a/authfile.h b/authfile.h index ad6fbc1..1a304f6 100644 --- a/authfile.h +++ b/authfile.h @@ -27,10 +27,10 @@ freely, subject to the following restrictions: void authfile_template(const char *template); struct _auth_obj authfile(const char *userid, const char *password, - void (*update_nonce)(char *nonce, const int nonsize), - const unsigned char *secret, const int secsize, - const unsigned char *payload, const int paysize, + void (*update_nonce)(char *nonce, const size_t nonsize), + const unsigned char *secret, const size_t secsize, + const unsigned char *payload, const size_t paysize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, - const int csize)); + const size_t csize)); #endif diff --git a/authobj.c b/authobj.c index b4a1f2b..7e3c2ed 100644 --- a/authobj.c +++ b/authobj.c 
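Review bot: The rewritten `if (fchown(fileno(fp), st.st_uid, st.st_gid)) {/*ign*/;}` in authfile() still discards an fchown() failure, so a freshly written auth file can keep the writer's ownership instead of the one held in `st`, and nothing records it. The neighbouring fclose() check stores `strerror(errno)` in `ret.err`; doing the same here, `if (fchown(fileno(fp), st.st_uid, st.st_gid)) ret.err = strerror(errno);`, would keep the error handling consistent. If ignoring the failure is deliberate, the comment should say why instead of `/*ign*/`. authfile() continues outside this hunk.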
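Review bot: The prototype in authfile.h now uses `size_t`, but the hunk adds no include that declares it, so the header appears to compile only when the including file has already pulled in `<stddef.h>` or an equivalent. Adding `#include <stddef.h>` near the top of the header would make it self-contained. As far as their hunks show, the same applies to the `size_t` introduced in authobj.h, crypto.h, crypto_if.h, pcsc_cr.h and serial.h by this commit.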
@@ -38,10 +38,10 @@ make_challenge(const char *uid, const char *pass, const char *nonce) struct _auth_chunk ho = {0}; unsigned long rc; serializer_t srl; - int datasize = strlen(uid) + strlen(pass) + strlen(nonce) + + size_t datasize = strlen(uid) + strlen(pass) + strlen(nonce) + 4 * sizeof(short); unsigned char *data = alloca(datasize); - int hashsize = sizeof(ho.data); + size_t hashsize = sizeof(ho.data); serial_init(&srl, data, datasize); if (serial_put(&srl, uid, strlen(uid)) != strlen(uid)) { @@ -65,12 +65,12 @@ make_challenge(const char *uid, const char *pass, const char *nonce) } static struct _auth_chunk -new_key(const unsigned char *challenge, const int challengesize, - const unsigned char *secret, const int secsize) +new_key(const unsigned char *challenge, const size_t challengesize, + const unsigned char *secret, const size_t secsize) { struct _auth_chunk ho = {0}; unsigned long rc; - int keysize = sizeof(ho.data); + size_t keysize = sizeof(ho.data); if ((rc = hmac(secret, secsize, challenge, challengesize, &ho.data, &keysize))) { @@ -85,7 +85,7 @@ static struct _auth_chunk make_key(const char *userid, const char *password, const char *nonce, const unsigned char *secret, const int secsize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, - const int csize)) + const size_t csize)) { struct _auth_chunk ho_chal, ho_key = {0}; 
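Review bot: In make_challenge(), `datasize` is the sum of the `uid`, `pass` and `nonce` lengths and goes straight into `alloca(datasize)`; moving it to `size_t` removes the old `int` narrowing but leaves the stack allocation unbounded. If these strings come from the PAM conversation, as their names suggest, an over-long password would exhaust the stack instead of failing cleanly. A bound before the allocation would cover it, e.g. `if (datasize > MAX_CHALLENGE_INPUT) { ho.err = "challenge input too long"; return ho; }`, where `MAX_CHALLENGE_INPUT` is a new constant the author would have to define. The function body continues outside this hunk.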
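Review bot: make_key() keeps `const int secsize` while new_key() in the previous hunk now takes `const size_t secsize`, so the type harmonisation stops halfway on this path. In the later hunks of this file, parse_authobj() likewise keeps `const int secsize` and `const int blobsize`, and authobj() keeps `int wsecsize`. Each mixed call converts between signed and unsigned silently, and a negative `int` would arrive as a very large `size_t`. Changing these to `size_t` would finish what the commit title announces.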
@@ -112,15 +112,15 @@ make_key(const char *userid, const char *password, const char *nonce, static struct _auth_obj make_authobj(const char *userid, const char *password, const char *nonce, - const unsigned char *secret, const int secsize, - const unsigned char *payload, const int paylsize) + const unsigned char *secret, const size_t secsize, + const unsigned char *payload, const size_t paylsize) { struct _auth_obj ao = {0}; unsigned long rc; unsigned char *data; - int datasize; + size_t datasize; unsigned char datahash[HASHSIZE]; - int datahashsize = HASHSIZE; + size_t datahashsize = HASHSIZE; serializer_t srl; datasize = ((secsize + paylsize + HASHSIZE + 4 * sizeof(short) - 1) / @@ -182,7 +182,7 @@ parse_authobj(const char *userid, const char *password, const char *nonce, const unsigned char *secret, const int secsize, const unsigned char *ablob, const int blobsize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, - const int csize)) + const size_t csize)) { unsigned long rc; struct _auth_obj ao = {0}; @@ -199,9 +199,9 @@ parse_authobj(const char *userid, const char *password, const char *nonce, } else { serializer_t srl; unsigned char myhash[HASHSIZE]; - int myhsize = HASHSIZE; + size_t myhsize = HASHSIZE; unsigned char *theirhash; - int theirhsize; + size_t theirhsize; unsigned long rc; serial_init(&srl, ao.buffer, blobsize); 
@@ -227,11 +227,11 @@ parse_authobj(const char *userid, const char *password, const char *nonce, struct _auth_obj authobj(const char *userid, const char *password, const char *oldnonce, const char *newnonce, - const unsigned char *secret, const int secsize, - const unsigned char *payload, const int paylsize, - const unsigned char *ablob, const int blobsize, + const unsigned char *secret, const size_t secsize, + const unsigned char *payload, const size_t paylsize, + const unsigned char *ablob, const size_t blobsize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, - const int csize)) + const size_t csize)) { const unsigned char *wsecret; int wsecsize; diff --git a/authobj.h b/authobj.h index 158c52c..6814264 100644 --- a/authobj.h +++ b/authobj.h @@ -35,18 +35,18 @@ struct _auth_obj { unsigned char *buffer; /* to be free()'d if not NULL */ const char *err; /* non-NULL if failed */ unsigned char *data; - int datasize; + size_t datasize; unsigned char *payload; - int paylsize; + size_t paylsize; }; /* Construct new or repack old authobj, return payload */ struct _auth_obj authobj(const char *userid, const char *password, const char *oldnonce, const char *newnonce, - const unsigned char *secret, const int secsize, - const unsigned char *payload, const int paysize, - const unsigned char *ablob, const int blobsize, + const unsigned char *secret, const size_t secsize, + const unsigned char *payload, const size_t paysize, + const unsigned char *ablob, const size_t blobsize, struct _auth_chunk (*fetch_key)(const unsigned char *chal, - const int csize)); + const size_t csize)); #endif diff --git a/base64.c b/base64.c index 3ef6bb2..96ae3b8 100644 --- a/base64.c +++ b/base64.c @@ -91,6 +91,7 @@ static int base64_encode_block(const unsigned char* plaintext_in, int length_in, result = (fragment & 0x0fc) >> 2; *codechar++ = base64_encode_value(result); result = (fragment & 0x003) << 4; + /* fallthrough */ case step_B: if (plainchar == plaintextend) { 
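Review bot: Making `datasize` a `size_t` in `struct _auth_obj` changes arithmetic in code this commit does not touch: authfile.c computes `int bsize = ((ao.datasize-1)/3+1)*4+1;` (visible in patch 5/9), which is now evaluated unsigned and then narrowed to `int` before it reaches alloca(). With `int`, a zero `datasize` gave a small buffer; with `size_t`, `ao.datasize-1` wraps and the narrowed value is implementation-defined. Whether zero can occur at that point is not visible here, but the expression deserves an explicit guard such as `if (ao.datasize == 0) { /* report error */ }`. Note that b64_encode() still takes `int *` for the size, so base64.c was left out of the harmonisation.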
@@ -102,6 +103,7 @@ static int base64_encode_block(const unsigned char* plaintext_in, int length_in, result |= (fragment & 0x0f0) >> 4; *codechar++ = base64_encode_value(result); result = (fragment & 0x00f) << 2; + /* fallthrough */ case step_C: if (plainchar == plaintextend) { @@ -189,6 +191,7 @@ static int base64_decode_block(const char* code_in, const int length_in, unsigne fragment = (char)base64_decode_value(*codechar++); } while (fragment < 0); *plainchar = (fragment & 0x03f) << 2; + /* fallthrough */ case step_b: do { if (codechar == code_in+length_in) @@ -201,6 +204,7 @@ static int base64_decode_block(const char* code_in, const int length_in, unsigne } while (fragment < 0); *plainchar++ |= (fragment & 0x030) >> 4; *plainchar = (fragment & 0x00f) << 4; + /* fallthrough */ case step_c: do { if (codechar == code_in+length_in) @@ -213,6 +217,7 @@ static int base64_decode_block(const char* code_in, const int length_in, unsigne } while (fragment < 0); *plainchar++ |= (fragment & 0x03c) >> 2; *plainchar = (fragment & 0x003) << 6; + /* fallthrough */ case step_d: do { if (codechar == code_in+length_in) diff --git a/configure.ac b/configure.ac index 5e02971..1dfe833 100644 --- a/configure.ac +++ b/configure.ac 
@@ -9,10 +9,9 @@ AC_LANG([C]) AC_PROG_CC if test "X$CC" = "Xgcc"; then - CFLAGS="$CFLAGS -Wall -fstack-protector-all -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" -dnl make CFLAGS="-fsanitize=address -fno-omit-frame-pointer -g" LDFLAGS="-static-libasan" + CFLAGS="$CFLAGS -Wextra -Wall -Werror -Wno-unused-parameter -Wno-deprecated-declarations -fstack-protector-all -fsanitize=address -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" else if test "X$CC" = "Xclang"; then - CFLAGS="$CFLAGS -Wall -Wformat -Wformat-security -Werror=format-security -fstack-protector-all -fsanitize=safe-stack -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" + CFLAGS="$CFLAGS -Wextra -Wall -Werror -Wno-unused-parameter -Wno-deprecated-declarations -Wformat -Wformat-security -fstack-protector-all -fsanitize=safe-stack -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" fi; fi AC_PROG_MAKE_SET @@ -78,7 +77,7 @@ AC_ARG_ENABLE(gcrypt, is present]) AS_IF([test "x$use_openssl" != "xyes" && test "x$use_tomcrypt" != "xyes" || \ - test "x$enable_tomcrypt" = "xyes"], [ + test "x$enable_gcrypt" = "xyes"], [ AM_PATH_LIBGCRYPT() ]) AS_IF([test "x$LIBGCRYPT_CFLAGS" != "x" -o "x$LIBGCRYPT_LIBS" != "x" ], [ diff --git a/crypto.c b/crypto.c index cb996e8..afd9ee1 100644 --- a/crypto.c +++ b/crypto.c @@ -24,6 +24,7 @@ freely, subject to the following restrictions: #ifdef HAVE_CONFIG_H # include "config.h" #endif +#include #include #include "crypto.h" #include "crypto_if.h" @@ -44,7 +45,7 @@ static struct crypto_interface *ifs[] = { #endif (struct crypto_interface *)0, }; -#define MAX_IF (sizeof(ifs)/sizeof(struct crypto_interface *)-2) +#define MAX_IF (int)(sizeof(ifs)/sizeof(struct crypto_interface *)-2) static int which = 0; @@ -63,7 +64,7 @@ const char *crypto_init(const int ifno) #define INITIV {0} -unsigned long encrypt(const void *key, const int keylen, const void *pt, void *ct, const int tlen) +unsigned long encrypt(const void *key, const size_t keylen, const void *pt, void *ct, const size_t tlen) { unsigned char iv[16] = INITIV; 
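Review bot: Appending `-Werror` and `-fsanitize=address` to CFLAGS right after `AC_PROG_CC` means every later configure probe (the `AC_CHECK_HEADERS` calls and the crypto library checks) is compiled with them, so a warning inside a probe or a missing ASan runtime makes the check fail and the feature is reported as absent. `-fsanitize=address` is also a debugging aid rather than a hardening measure, which makes it a questionable default for an authentication module; patch 9/9 later moves it behind `$ASAN_FLAGS`. Adding the warning-as-error flags after all checks have run, or through a separate variable such as `AM_CFLAGS`, avoids the probe problem.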
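Review bot: encrypt() here and decrypt() in the next hunk initialise `iv` from `INITIV {0}`, a constant all-zero IV, and nothing near the macro says why that is acceptable. A fixed IV is safe only if a key is never used to encrypt two different plaintexts; the nonce-driven key derivation elsewhere in the project may guarantee that, but it is not visible in these hunks. A comment on the macro would record the assumption, e.g. `/* constant IV: each key is derived from a fresh nonce and encrypts one object only */`, to be confirmed by the author. Both function bodies continue outside their hunks.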
@@ -71,7 +72,7 @@ unsigned long encrypt(const void *key, const int keylen, const void *pt, void *c return ifs[which]->encrypt(key, keylen, iv, pt, ct, tlen); } -unsigned long decrypt(const void *key, const int keylen, const void *ct, void *pt, const int tlen) +unsigned long decrypt(const void *key, const size_t keylen, const void *ct, void *pt, const size_t tlen) { unsigned char iv[16] = INITIV; @@ -79,13 +80,13 @@ unsigned long decrypt(const void *key, const int keylen, const void *ct, void *p return ifs[which]->decrypt(key, keylen, iv, ct, pt, tlen); } -unsigned long hash(const void *pt, const int tlen, void *tag, int *taglen) +unsigned long hash(const void *pt, const size_t tlen, void *tag, size_t *taglen) { assert(*taglen == 20); return ifs[which]->hash(pt, tlen, tag, taglen); } -unsigned long hmac(const void *key, const int keylen, const void *pt, const int tlen, void *tag, int *taglen) +unsigned long hmac(const void *key, const size_t keylen, const void *pt, const size_t tlen, void *tag, size_t *taglen) { assert(*taglen == 20); return ifs[which]->hmac(key, keylen, pt, tlen, tag, taglen); diff --git a/crypto.h b/crypto.h index 8d5e7be..56b8607 100644 --- a/crypto.h +++ b/crypto.h 
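Review bot: hash() and hmac() guard the caller's output buffer only with `assert(*taglen == 20);`, which disappears when the code is built with `NDEBUG`, and the literal `20` duplicates `HASHSIZE` from crypto.h. With `taglen` now a `size_t *`, `assert(*taglen == HASHSIZE);` is the minimal change. A runtime check that survives release builds would be stronger, but the error value to return is backend-specific and not visible in this hunk.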
@@ -26,11 +26,11 @@ freely, subject to the following restrictions: int select_crypto_if(const int ifno); const char *crypto_init(const int ifno); -unsigned long encrypt(const void *key, const int keylen, const void *pt, void *ct, const int tlen); -unsigned long decrypt(const void *key, const int keylen, const void *ct, void *pt, const int tlen); -unsigned long hash(const void *pt, const int tlen, void *tag, int *taglen); -unsigned long hmac(const void *key, const int keylen, const void *pt, const int tlen, - void *tag, int *taglen); +unsigned long encrypt(const void *key, const size_t keylen, const void *pt, void *ct, const size_t tlen); +unsigned long decrypt(const void *key, const size_t keylen, const void *ct, void *pt, const size_t tlen); +unsigned long hash(const void *pt, const size_t tlen, void *tag, size_t *taglen); +unsigned long hmac(const void *key, const size_t keylen, const void *pt, const size_t tlen, + void *tag, size_t *taglen); const char *crypto_errstr(const unsigned long err); #define HASHSIZE 20 diff --git a/crypto_if.h b/crypto_if.h index e2c7579..037ef05 100644 --- a/crypto_if.h +++ b/crypto_if.h 
@@ -26,15 +26,15 @@ freely, subject to the following restrictions: struct crypto_interface { const char *(*init)(void); - unsigned long (*encrypt)(const void *key, const int keylen, void *iv, - const void *pt, void *ct, const int tlen); - unsigned long (*decrypt)(const void *key, const int keylen, void *iv, - const void *ct, void *pt, const int tlen); - unsigned long (*hash)(const void *pt, const int tlen, - void *tag, int *taglen); - unsigned long (*hmac)(const void *key, const int keylen, - const void *pt, const int tlen, - void *tag, int *taglen); + unsigned long (*encrypt)(const void *key, const size_t keylen, void *iv, + const void *pt, void *ct, const size_t tlen); + unsigned long (*decrypt)(const void *key, const size_t keylen, void *iv, + const void *ct, void *pt, const size_t tlen); + unsigned long (*hash)(const void *pt, const size_t tlen, + void *tag, size_t *taglen); + unsigned long (*hmac)(const void *key, const size_t keylen, + const void *pt, const size_t tlen, + void *tag, size_t *taglen); const char *(*errstr)(const unsigned long err); }; diff --git a/gnu_crypto.c b/gnu_crypto.c index 5c8621d..0537175 100644 --- a/gnu_crypto.c +++ b/gnu_crypto.c @@ -36,8 +36,8 @@ static const char *gnu_init(void) return "gcrypt"; } -static unsigned long gnu_encrypt(const void *key, const int keylen, void *iv, - const void *pt, void *ct, const int tlen) +static unsigned long gnu_encrypt(const void *key, const size_t keylen, void *iv, + const void *pt, void *ct, const size_t tlen) { gcry_error_t err; gcry_cipher_hd_t hd; @@ -56,8 +56,8 @@ static unsigned long gnu_encrypt(const void *key, const int keylen, void *iv, return 0UL; } -static unsigned long gnu_decrypt(const void *key, const int keylen, void *iv, - const void *ct, void *pt, const int tlen) +static unsigned long gnu_decrypt(const void *key, const size_t keylen, void *iv, + const void *ct, void *pt, const size_t tlen) { gcry_error_t err; gcry_cipher_hd_t hd; 
@@ -76,8 +76,8 @@ static unsigned long gnu_decrypt(const void *key, const int keylen, void *iv, return 0UL; } -static unsigned long gnu_hash(const void *pt, const int tlen, - void *tag, int *taglen) +static unsigned long gnu_hash(const void *pt, const size_t tlen, + void *tag, size_t *taglen) { gcry_error_t err; gcry_md_hd_t hd; @@ -95,9 +95,9 @@ static unsigned long gnu_hash(const void *pt, const int tlen, return 0UL; } -static unsigned long gnu_hmac(const void *key, const int keylen, - const void *pt, const int tlen, - void *tag, int *taglen) +static unsigned long gnu_hmac(const void *key, const size_t keylen, + const void *pt, const size_t tlen, + void *tag, size_t *taglen) { gcry_error_t err; gcry_md_hd_t hd; diff --git a/ossl_crypto.c b/ossl_crypto.c index 4cf0afa..fbf72b2 100644 --- a/ossl_crypto.c +++ b/ossl_crypto.c @@ -37,8 +37,8 @@ static const char *ossl_init(void) return "openssl"; } -static unsigned long ossl_encrypt(const void *key, const int keylen, void *iv, - const void *pt, void *ct, const int tlen) +static unsigned long ossl_encrypt(const void *key, const size_t keylen, void *iv, + const void *pt, void *ct, const size_t tlen) { AES_KEY akey; @@ -48,8 +48,8 @@ static unsigned long ossl_encrypt(const void *key, const int keylen, void *iv, return 0UL; } -static unsigned long ossl_decrypt(const void *key, const int keylen, void *iv, - const void *ct, void *pt, const int tlen) +static unsigned long ossl_decrypt(const void *key, const size_t keylen, void *iv, + const void *ct, void *pt, const size_t tlen) { AES_KEY akey; @@ -59,8 +59,8 @@ static unsigned long ossl_decrypt(const void *key, const int keylen, void *iv, return 0UL; } -static unsigned long ossl_hash(const void *pt, const int tlen, - void *tag, int *taglen) +static unsigned long ossl_hash(const void *pt, const size_t tlen, + void *tag, size_t *taglen) { SHA_CTX sctx; 
@@ -71,9 +71,9 @@ static unsigned long ossl_hash(const void *pt, const int tlen, return 0UL; } -static unsigned long ossl_hmac(const void *key, int const keylen, - const void *pt, const int tlen, - void *tag, int *taglen) +static unsigned long ossl_hmac(const void *key, size_t const keylen, + const void *pt, const size_t tlen, + void *tag, size_t *taglen) { #if 0 HMAC_CTX hctx; diff --git a/pam_cr_setup.c b/pam_cr_setup.c index 612747a..0a5f1f4 100644 --- a/pam_cr_setup.c +++ b/pam_cr_setup.c @@ -35,11 +35,11 @@ freely, subject to the following restrictions: #include "pcsc_cr.h" static struct _auth_chunk -token_key(const unsigned char *challenge, const int challengesize) +token_key(const unsigned char *challenge, const size_t challengesize) { struct _auth_chunk ho = {0}; long rc; - int keysize = sizeof(ho.data); + size_t keysize = sizeof(ho.data); if ((rc = pcsc_cr(challenge, challengesize, ho.data, &keysize))) { ho.err = pcsc_errstr(rc); @@ -49,7 +49,7 @@ token_key(const unsigned char *challenge, const int challengesize) static char *mynonce = NULL; -static void update_nonce(char *nonce, const int nonsize) +static void update_nonce(char *nonce, const size_t nonsize) { if (mynonce) { snprintf(nonce, nonsize, "%s", mynonce); @@ -197,8 +197,8 @@ int main(int argc, char *argv[]) exit(EXIT_FAILURE); } else if (verbose) { printf("version: %s\n", VERSION); - printf("userid : \"%.*s\"\n", ao.datasize, ao.data); - printf("payload: \"%.*s\"\n", ao.paylsize, ao.payload); + printf("userid : \"%.*s\"\n", (int)ao.datasize, ao.data); + printf("payload: \"%.*s\"\n", (int)ao.paylsize, ao.payload); } if (ao.buffer) free(ao.buffer); return 0; diff --git a/pam_pcsc_cr.c b/pam_pcsc_cr.c index f729fad..82f08ad 100644 --- a/pam_pcsc_cr.c +++ b/pam_pcsc_cr.c 
@@ -110,11 +110,11 @@ static int pam_get_authtok(pam_handle_t *pamh, int item, const char **authtok, #endif static struct _auth_chunk -token_key(const unsigned char *challenge, const int challengesize) +token_key(const unsigned char *challenge, const size_t challengesize) { struct _auth_chunk ho = {0}; long rc; - int keysize = sizeof(ho.data); + size_t keysize = sizeof(ho.data); if ((rc = pcsc_cr(challenge, challengesize, ho.data, &keysize))) { ho.err = pcsc_errstr(rc); @@ -122,7 +122,7 @@ token_key(const unsigned char *challenge, const int challengesize) return ho; } -static void update_nonce(char *nonce, const int nonsize) +static void update_nonce(char *nonce, const size_t nonsize) { int n = 0; @@ -186,7 +186,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, } ao = authfile(user, password, update_nonce, - NULL, 0, NULL, 0, token_key); + NULL, (size_t)0, NULL, (size_t)0, token_key); if (ao.err) { if (cfg.verbose) syslog(LOG_INFO, "authfile: %s", ao.err); return PAM_AUTH_ERR; diff --git a/pcsc_cr.c b/pcsc_cr.c index 7f2ccff..03a9e70 100644 --- a/pcsc_cr.c +++ b/pcsc_cr.c @@ -41,7 +41,8 @@ SCARD_IO_REQUEST pioSendPci; static LONG find_hb(BYTE *atr, DWORD atrsize, BYTE **hb, LPDWORD hbsize) { - int i, j, cont; + DWORD i; + int j, cont; if (atrsize < 2) return SCARD_W_UNSUPPORTED_CARD; switch (atr[0]) { case 0x3B: break; diff --git a/pcsc_cr.h b/pcsc_cr.h index 2da8292..9769c2a 100644 --- a/pcsc_cr.h +++ b/pcsc_cr.h @@ -25,8 +25,8 @@ freely, subject to the following restrictions: #define _PCSC_CR_H int pcsc_option(const char *option); -long pcsc_cr(const unsigned char *chal, const int csize, - unsigned char *resp, int *rsize); +long pcsc_cr(const unsigned char *chal, const size_t csize, + unsigned char *resp, size_t *rsize); char *pcsc_errstr(long err); #endif diff --git a/serial.c b/serial.c index 2b81beb..8bb781d 100644 --- a/serial.c +++ b/serial.c 
@@ -27,15 +27,15 @@ freely, subject to the following restrictions: #include #include "serial.h" -void serial_init(serializer_t *srl, void *buffer, int size) +void serial_init(serializer_t *srl, void *buffer, size_t size) { srl->buffer = srl->cursor = buffer; srl->bufsize = size; } -void serial_switch(serializer_t *srl, void *buffer, int size) +void serial_switch(serializer_t *srl, void *buffer, size_t size) { - int used = srl->cursor - srl->buffer; + size_t used = srl->cursor - srl->buffer; memcpy(buffer, srl->buffer, used); srl->buffer = buffer; @@ -44,9 +44,9 @@ void serial_switch(serializer_t *srl, void *buffer, int size) } /* returns 'size' on success, or remainging space if it was insufficient */ -int serial_put(serializer_t *srl, const void *item, int size) +size_t serial_put(serializer_t *srl, const void *item, size_t size) { - int left = srl->bufsize - (srl->cursor - srl->buffer); + size_t left = srl->bufsize - (srl->cursor - srl->buffer); if (left < size + sizeof(short)) return left - sizeof(short); *((short *)srl->cursor) = size; @@ -57,9 +57,9 @@ int serial_put(serializer_t *srl, const void *item, int size) } /* return 0 on success, -1 on wrong encoding (item longer than space left) */ -int serial_get(serializer_t *srl, void **item, int *size) +int serial_get(serializer_t *srl, void **item, size_t *size) { - int left = srl->bufsize - (srl->cursor - srl->buffer); + size_t left = srl->bufsize - (srl->cursor - srl->buffer); short isize = *((short *)srl->cursor); if (isize + sizeof(short) > left) return -1; @@ -70,7 +70,7 @@ int serial_get(serializer_t *srl, void **item, int *size) return 0; } -int serial_size(serializer_t *srl) +size_t serial_size(serializer_t *srl) { return srl->cursor - srl->buffer; } diff --git a/serial.h b/serial.h index e67edfc..65ee24f 100644 --- a/serial.h +++ b/serial.h 
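Review bot: serial_get() reads the length prefix with `*((short *)srl->cursor)` before checking that two bytes remain, and a negative `isize` can pass the `isize + sizeof(short) > left` test because the sum is computed unsigned and wraps. With `*size` now a `size_t`, a negative prefix would reach the caller as a huge length if the part of the body outside this hunk assigns it directly; authobj.c feeds this parser from `ao.buffer`, so the bytes should be treated as untrusted. serial_put() has the mirror problem: `return left - sizeof(short)` wraps when fewer than two bytes remain, and `*((short *)srl->cursor) = size` truncates any `size` above `SHRT_MAX` without an error. The excerpt below bounds the read in serial_get() and replaces the cast with memcpy(), which also avoids a misaligned access; both function bodies continue outside their hunks.

```c
int serial_get(serializer_t *srl, void **item, size_t *size)
{
	size_t left = srl->bufsize - (srl->cursor - srl->buffer);
	short isize;

	/* Need the whole length prefix before it can be read. */
	if (left < sizeof(isize)) return -1;
	memcpy(&isize, srl->cursor, sizeof(isize));
	/* Reject negative lengths and items that run past the buffer. */
	if (isize < 0 || (size_t)isize > left - sizeof(isize)) return -1;
	/* … unchanged: set *item and *size, advance cursor, return 0 … */
```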
@@ -26,14 +26,14 @@ freely, subject to the following restrictions: typedef struct _serializer { char *buffer; - int bufsize; + size_t bufsize; char *cursor; } serializer_t; -void serial_init(serializer_t *srl, void *buffer, int size); -void serial_switch(serializer_t *srl, void *buffer, int size); -int serial_put(serializer_t *srl, const void *item, int size); -int serial_get(serializer_t *srl, void **item, int *size); -int serial_size(serializer_t *srl); +void serial_init(serializer_t *srl, void *buffer, size_t size); +void serial_switch(serializer_t *srl, void *buffer, size_t size); +size_t serial_put(serializer_t *srl, const void *item, size_t size); +int serial_get(serializer_t *srl, void **item, size_t *size); +size_t serial_size(serializer_t *srl); #endif diff --git a/test_auth.c b/test_auth.c index 5a826e8..cf287fc 100644 --- a/test_auth.c +++ b/test_auth.c @@ -34,11 +34,11 @@ unsigned char secret[] = { }; static struct _auth_chunk -conjure_key(const unsigned char *challenge, const int challengesize) +conjure_key(const unsigned char *challenge, const size_t challengesize) { struct _auth_chunk ho = {0}; long rc; - int keysize = sizeof(ho.data); + size_t keysize = sizeof(ho.data); if ((rc = hmac(secret, sizeof(secret), challenge, challengesize, &ho.data, &keysize))) { @@ -50,11 +50,11 @@ conjure_key(const unsigned char *challenge, const int challengesize) } static struct _auth_chunk -token_key(const unsigned char *challenge, const int challengesize) +token_key(const unsigned char *challenge, const size_t challengesize) { struct _auth_chunk ho = {0}; long rc; - int keysize = sizeof(ho.data); + size_t keysize = sizeof(ho.data); if ((rc = pcsc_cr(challenge, challengesize, ho.data, &keysize))) { ho.err = pcsc_errstr(rc); 
@@ -69,11 +69,11 @@ int main(int argc, char *argv[]) const char *nonce = "1"; const unsigned char *payload = (unsigned char *) "To authorize or not to authorize?"; - int i; + size_t i; struct _auth_obj ao; struct _auth_obj nao; struct _auth_chunk (*fetch_key)(const unsigned char *challenge, - const int challengesize); + const size_t challengesize); if (argc == 2 && strlen(argv[1]) == 40 && strspn(argv[1], "0123456789abcdefABCDEF") == 40) { @@ -88,9 +88,9 @@ int main(int argc, char *argv[]) payload, strlen((char *)payload), NULL, 0, NULL); printf("new_authobj err=%s\n", ao.err?ao.err:""); - printf("data(%d):", ao.datasize); + printf("data(%d):", (int)ao.datasize); for (i = 0; i < ao.datasize; i++) printf(" %02x", ao.data[i]); - printf("\npayload(%d): \"%.*s\"\n", ao.paylsize, ao.paylsize, + printf("\npayload(%d): \"%.*s\"\n", (int)ao.paylsize, (int)ao.paylsize, ao.payload?(char*)ao.payload:""); if (ao.err) { if (ao.buffer) free(ao.buffer); @@ -100,9 +100,9 @@ int main(int argc, char *argv[]) nao = authobj(id, pass, nonce, nonce, NULL, 0, NULL, 0, ao.data, ao.datasize, fetch_key); printf("verify_authobj err=%s\n", nao.err?nao.err:""); - printf("data(%d):", nao.datasize); + printf("data(%d):", (int)nao.datasize); for (i = 0; i < nao.datasize; i++) printf(" %02x", nao.data[i]); - printf("\npayload(%d): \"%.*s\"\n", nao.paylsize, nao.paylsize, + printf("\npayload(%d): \"%.*s\"\n", (int)nao.paylsize, (int)nao.paylsize, nao.payload?(char*)nao.payload:""); if (nao.err) { if (nao.buffer) free(nao.buffer); diff --git a/test_chalresp.c b/test_chalresp.c index 4f0c3e0..2635fea 100644 --- a/test_chalresp.c +++ b/test_chalresp.c @@ -40,10 +40,10 @@ static void usage(const char *const cmd) int main(int argc, char *argv[]) { unsigned char chal[64]; - int csize; + size_t csize; unsigned char rbuf[20]; - int rsize = sizeof(rbuf); - int i; + size_t rsize = sizeof(rbuf); + size_t i; long rc; int c; 
@@ -69,7 +69,7 @@ int main(int argc, char *argv[]) csize = strlen(argv[optind]); if (csize > sizeof(chal)) { fprintf(stderr, "Challenge longer than %d, cannot do that\n", - csize); + (int)csize); exit(1); } #if 0 @@ -85,7 +85,7 @@ int main(int argc, char *argv[]) memset(rbuf, 0xFE, sizeof(rbuf)); rc = pcsc_cr(chal, csize, rbuf, &rsize); - printf("rc=%ld (%s) rsize=%d:", rc, pcsc_errstr(rc), rsize); + printf("rc=%ld (%s) rsize=%d:", rc, pcsc_errstr(rc), (int)rsize); for (i = 0; i < rsize; i++) printf(" %02x", rbuf[i]); printf("\n"); return rc; diff --git a/test_crypto.c b/test_crypto.c index f9099a2..7199a9c 100644 --- a/test_crypto.c +++ b/test_crypto.c @@ -33,7 +33,7 @@ freely, subject to the following restrictions: #define printh(x) printh_f(#x, x, sizeof(x)) void printh_f(char *p, unsigned char *x, size_t l) { - int i; + size_t i; printf("%s:", p); for (i=0; i Date: Fri, 2 Jun 2023 18:33:08 +0200 Subject: [PATCH 7/9] configure.ac: refuse to generate without libgcrypt Though running resulting `configure` without gcrypt is totally ok Signed-off-by: Eugene Crosser --- configure.ac | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 1dfe833..0d0e047 100644 --- a/configure.ac +++ b/configure.ac @@ -78,7 +78,11 @@ AC_ARG_ENABLE(gcrypt, AS_IF([test "x$use_openssl" != "xyes" && test "x$use_tomcrypt" != "xyes" || \ test "x$enable_gcrypt" = "xyes"], [ - AM_PATH_LIBGCRYPT() + m4_ifdef([AM_PATH_LIBGCRYPT], [ + AM_PATH_LIBGCRYPT() + ], [ + m4_exit(1) + ]) ]) AS_IF([test "x$LIBGCRYPT_CFLAGS" != "x" -o "x$LIBGCRYPT_LIBS" != "x" ], [ use_gcrypt=yes -- 2.39.2 From 711eacf3c2cca6d94287f580091f59f4cc51ed94 Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Tue, 6 Jun 2023 12:34:39 +0200 Subject: [PATCH 8/9] Prototype for reader interface Signed-off-by: Eugene Crosser --- reader.h | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 reader.h 
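Review bot: The message in the `csize > sizeof(chal)` branch says "longer than" but prints the length of the supplied challenge, not the limit, and the new `(int)csize` cast keeps that. Printing the bound matches the wording and needs no cast: `fprintf(stderr, "Challenge longer than %zu, cannot do that\n", sizeof(chal));`. The code that copies the challenge into `chal` is outside the hunk, so whether `csize == sizeof(chal)` leaves room for whatever that copy writes cannot be checked from here.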
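Review bot: The dump loop `for (i = 0; i < rsize; i++)` in the `@@ -85` hunk trusts the `rsize` that `pcsc_cr` writes back, and it runs even when `rc` reports an error. If `pcsc_cr` can leave a value larger than the 20-byte `rbuf` in `rsize` (its implementation is not visible here), the loop reads past the array. A clamp before the loop costs one line: `if (rsize > sizeof(rbuf)) rsize = sizeof(rbuf);`. Separately, `return rc;` hands a `long` to main's `int` return and the shell sees only the low 8 bits, so `return rc ? 1 : 0;` would be more reliable.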
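Review bot: In the configure.ac hunk, the fallback branch `m4_exit(1)` aborts autoconf without saying why, so a packager without libgcrypt's m4 macros sees a failed `autoreconf` with no hint at the missing dependency. `m4_fatal` prints a diagnostic and exits non-zero: `m4_fatal([AM_PATH_LIBGCRYPT not found: install the libgcrypt development files (libgcrypt.m4) before running autoreconf])`. A `dnl` comment above the `m4_ifdef` noting that this check applies at generation time only, as the commit message says, would also help.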
diff --git a/reader.h b/reader.h new file mode 100644 index 0000000..ea46c0d --- /dev/null +++ b/reader.h @@ -0,0 +1,20 @@ +#ifndef _READER_H +#define _READER_H + +struct reader_ctx; +struct target_ctx; + +struct reader_interface { + char *name; + struct reader_ctx *(*init_ctx) (void); + int (*parse_option)(struct reader_ctx * ctx, char *key, char *val); + int (*for_each_target)(struct reader_ctx * ctx, + (int *callback)(struct target_ctx * tgt, + void *arg), void *arg); + void (*drop_ctx)(*struct reader_ctx * ctx); + int (*transcieve)(struct target_ctx * tgt, uint8_t * send, + size_t send_size, uint8_t * recv, + size_t *recv_size_p); +}; + +#endif -- 2.39.2 From 1c1fe9c042b9ef04591d199ce5ce0fc3aea79eec Mon Sep 17 00:00:00 2001 From: Eugene Crosser Date: Mon, 5 Jun 2023 21:59:32 +0200 Subject: [PATCH 9/9] configure.ac: remove sanitizer by default --- configure.ac | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 0d0e047..eb6ed65 100644 --- a/configure.ac +++ b/configure.ac @@ -9,9 +9,9 @@ AC_LANG([C]) AC_PROG_CC if test "X$CC" = "Xgcc"; then - CFLAGS="$CFLAGS -Wextra -Wall -Werror -Wno-unused-parameter -Wno-deprecated-declarations -fstack-protector-all -fsanitize=address -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" + CFLAGS="$CFLAGS -Wextra -Wall -Werror -Wno-unused-parameter -Wno-deprecated-declarations -fstack-protector-all $ASAN_FLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" else if test "X$CC" = "Xclang"; then - CFLAGS="$CFLAGS -Wextra -Wall -Werror -Wno-unused-parameter -Wno-deprecated-declarations -Wformat -Wformat-security -fstack-protector-all -fsanitize=safe-stack -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" + CFLAGS="$CFLAGS -Wextra -Wall -Werror -Wno-unused-parameter -Wno-deprecated-declarations -Wformat -Wformat-security -fstack-protector-all $ASAN_FLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" fi; fi AC_PROG_MAKE_SET -- 2.39.2
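Review bot: The new reader.h does not compile as written. The callback parameter of `for_each_target` is declared as `(int *callback)(...)`, where a function-pointer parameter needs `int (*callback)(...)`. `drop_ctx` has a stray `*` before `struct`, and `uint8_t` and `size_t` are used without including `<stdint.h>` and `<stddef.h>`. The guard `_READER_H` begins with an underscore and an uppercase letter, which is reserved for the implementation, and `transcieve` is presumably meant to be `transceive`; renaming it is cheapest now, before implementations exist. The configure.ac shown earlier also checks for a pcsc-lite header named `reader.h`, so a local file of the same name may shadow it depending on include order; a distinct file name would avoid that.

```c
#include <stddef.h>
#include <stdint.h>

struct reader_interface {
	/* … unchanged: name, init_ctx, parse_option … */
	int (*for_each_target)(struct reader_ctx *ctx,
			       int (*callback)(struct target_ctx *tgt,
					       void *arg), void *arg);
	void (*drop_ctx)(struct reader_ctx *ctx);
	/* … unchanged: transcieve … */
};
```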
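Review bot: In the clang branch of the configure.ac hunk, the change swaps `-fsanitize=safe-stack` for `$ASAN_FLAGS`. SafeStack is a production hardening option, not a debugging sanitizer like AddressSanitizer, so clang builds lose a mitigation by default, which the commit title does not suggest. Consider keeping `-fsanitize=safe-stack` in that branch, or moving it to its own opt-out variable. `ASAN_FLAGS` is also read from the environment without being declared, so it does not appear in `./configure --help`; `AC_ARG_VAR([ASAN_FLAGS], [extra sanitizer flags for debug builds, e.g. -fsanitize=address])` before the `if` would document it.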