diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7fe9666277785e2fd9e2c0f1d02c47ae6c6c0b83..8a8ab3b0842f9bdede73ee7b1b2e70fe315df060 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2,7 +2,7 @@ project(cellframe-sdk C)
cmake_minimum_required(VERSION 2.8)
set(CMAKE_C_STANDARD 11)
-set(CELLFRAME_SDK_NATIVE_VERSION "2.6-101")
+set(CELLFRAME_SDK_NATIVE_VERSION "2.6-102")
add_definitions ("-DCELLFRAME_SDK_VERSION=\"${CELLFRAME_SDK_NATIVE_VERSION}\"")
set(DAPSDK_MODULES "")
diff --git a/dap-sdk/crypto/src/dap_enc.c b/dap-sdk/crypto/src/dap_enc.c
index 28f0f753f051cea01042033d824497201265f22a..bb388202b73abac4f794c96408768490c7ad4102 100755
--- a/dap-sdk/crypto/src/dap_enc.c
+++ b/dap-sdk/crypto/src/dap_enc.c
@@ -41,6 +41,7 @@
int dap_enc_init()
{
srand(time(NULL));
+ dap_enc_key_init();
return 0;
}
diff --git a/dap-sdk/crypto/src/dap_enc_dilithium.c b/dap-sdk/crypto/src/dap_enc_dilithium.c
index 9c2660db3f22fab45b8701a71e94b25dbc30112e..076b2b8cac4a6d83c0bbc8be6bb2029ab65d44ea 100755
--- a/dap-sdk/crypto/src/dap_enc_dilithium.c
+++ b/dap-sdk/crypto/src/dap_enc_dilithium.c
@@ -91,13 +91,21 @@ size_t dap_enc_sig_dilithium_verify_sign(struct dap_enc_key * key, const void *
void dap_enc_sig_dilithium_key_delete(struct dap_enc_key * key)
{
- if( key->priv_key_data && key->pub_key_data)
+ if( key->priv_key_data && key->pub_key_data){
dilithium_private_and_public_keys_delete((dilithium_private_key_t *) key->priv_key_data,
(dilithium_public_key_t *) key->pub_key_data);
- else if ( key->pub_key_data )
+ free(key->pub_key_data);
+ free(key->priv_key_data);
+ key->pub_key_data=NULL;
+ key->priv_key_data=NULL;
+ }else if ( key->pub_key_data ){
dilithium_public_key_delete((dilithium_public_key_t *) key->pub_key_data);
- else if ( key->priv_key_data )
- dilithium_public_key_delete((dilithium_public_key_t *) key->priv_key_data);
+ free(key->pub_key_data);
+ key->pub_key_data=NULL;
+ }else if ( key->priv_key_data ){
+ dilithium_private_key_delete((dilithium_private_key_t *) key->priv_key_data);
+ key->priv_key_data=NULL;
+ }
}
@@ -119,6 +127,9 @@ uint8_t* dap_enc_dilithium_write_signature(dilithium_signature_t* a_sign, size_t
size_t l_buflen = dap_enc_dilithium_calc_signagture_size(a_sign);
uint8_t *l_buf = DAP_NEW_SIZE(uint8_t, l_buflen);
+ if(! l_buf)
+ return NULL;
+
memcpy(l_buf, &l_buflen, sizeof(uint64_t));
l_shift_mem += sizeof(uint64_t);
memcpy(l_buf + l_shift_mem, &a_sign->kind, sizeof(dilithium_kind_t));
@@ -136,8 +147,16 @@ uint8_t* dap_enc_dilithium_write_signature(dilithium_signature_t* a_sign, size_t
/* Deserialize a signature */
dilithium_signature_t* dap_enc_dilithium_read_signature(uint8_t *a_buf, size_t a_buflen)
{
- if( !a_buf || (a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t)) ) )
- return NULL ;
+ if (!a_buf){
+ log_it(L_ERROR,"::read_signature() NULL buffer on input");
+ return NULL;
+ }
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t) + sizeof (uint64_t) )){
+ log_it(L_ERROR,"::read_signature() Buflen %zd is smaller than first three fields(%zd)", a_buflen,
+ sizeof(uint64_t) + sizeof(dilithium_kind_t) +sizeof (uint64_t) );
+ return NULL;
+ }
+
dilithium_kind_t kind;
uint64_t l_buflen_internal = 0;
memcpy(&l_buflen_internal, a_buf, sizeof(uint64_t));
@@ -152,8 +171,20 @@ dilithium_signature_t* dap_enc_dilithium_read_signature(uint8_t *a_buf, size_t a
l_sign->kind = kind;
uint64_t l_shift_mem = sizeof(uint64_t) + sizeof(dilithium_kind_t);
memcpy(&l_sign->sig_len, a_buf + l_shift_mem, sizeof(uint64_t));
+
+ if( ( l_sign->sig_len> (UINT64_MAX - sizeof(uint64_t) + sizeof(dilithium_kind_t) +sizeof (uint64_t))) ||
+ ( a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t) +sizeof (uint64_t) + l_sign->sig_len ))
+ ){
+ log_it(L_ERROR,"::read_signature() Buflen %zd is smaller than all fields together(%zd)", a_buflen,
+ sizeof(uint64_t) + sizeof(dilithium_kind_t) + l_sign->sig_len );
+ return NULL;
+ }
+
+
l_shift_mem += sizeof(uint64_t);
l_sign->sig_data = DAP_NEW_SIZE(unsigned char, l_sign->sig_len);
+ if (!l_sign->sig_data)
+ log_it(L_ERROR,"::read_signature() Can't allocate sig_data %zd size", l_sign->sig_len);
memcpy(l_sign->sig_data, a_buf + l_shift_mem, l_sign->sig_len);
l_shift_mem += l_sign->sig_len;
return l_sign;
@@ -181,7 +212,7 @@ dilithium_signature_t* dap_enc_dilithium_read_signature_old(uint8_t *a_buf, size
dilithium_signature_t* l_sign = DAP_NEW(dilithium_signature_t);
l_sign->kind = kind;
- size_t l_shift_mem = sizeof(size_t) + sizeof(dilithium_kind_t);
+ size_t l_shift_mem = sizeof(uint32_t) + sizeof(dilithium_kind_t);
memcpy(&l_sign->sig_len, a_buf + l_shift_mem, sizeof(unsigned long long));
l_shift_mem += sizeof(unsigned long long);
l_sign->sig_data = DAP_NEW_SIZE(unsigned char, l_sign->sig_len);
@@ -198,11 +229,11 @@ uint8_t* dap_enc_dilithium_write_private_key(const dilithium_private_key_t* a_pr
if(!dilithium_params_init(&p, a_private_key->kind))
return NULL;
- size_t l_buflen = sizeof(size_t) + sizeof(dilithium_kind_t) + p.CRYPTO_SECRETKEYBYTES; //CRYPTO_PUBLICKEYBYTES;
- uint8_t *l_buf = DAP_NEW_SIZE(uint8_t, l_buflen);
- memcpy(l_buf, &l_buflen, sizeof(size_t));
- memcpy(l_buf + sizeof(size_t), &a_private_key->kind, sizeof(dilithium_kind_t));
- memcpy(l_buf + sizeof(size_t) + sizeof(dilithium_kind_t), a_private_key->data, p.CRYPTO_SECRETKEYBYTES);
+ uint64_t l_buflen = sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_SECRETKEYBYTES; //CRYPTO_PUBLICKEYBYTES;
+ byte_t *l_buf = DAP_NEW_Z_SIZE(byte_t, l_buflen);
+ memcpy(l_buf, &l_buflen, sizeof(uint64_t));
+ memcpy(l_buf + sizeof(uint64_t), &a_private_key->kind, sizeof(dilithium_kind_t));
+ memcpy(l_buf + sizeof(uint64_t) + sizeof(dilithium_kind_t), a_private_key->data, p.CRYPTO_SECRETKEYBYTES);
if(a_buflen_out)
*a_buflen_out = l_buflen;
return l_buf;
@@ -216,7 +247,7 @@ uint8_t* dap_enc_dilithium_write_public_key(const dilithium_public_key_t* a_publ
return NULL;
uint64_t l_buflen = sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_PUBLICKEYBYTES;
- uint8_t *l_buf = DAP_NEW_SIZE(uint8_t, l_buflen);
+ uint8_t *l_buf = DAP_NEW_Z_SIZE(byte_t, l_buflen);
memcpy(l_buf, &l_buflen, sizeof(uint64_t));
memcpy(l_buf + sizeof(uint64_t), &a_public_key->kind, sizeof(dilithium_kind_t));
memcpy(l_buf + sizeof(uint64_t) + sizeof(dilithium_kind_t), a_public_key->data, p.CRYPTO_PUBLICKEYBYTES);
@@ -228,8 +259,15 @@ uint8_t* dap_enc_dilithium_write_public_key(const dilithium_public_key_t* a_publ
/* Deserialize a private key. */
dilithium_private_key_t* dap_enc_dilithium_read_private_key(const uint8_t *a_buf, size_t a_buflen)
{
- if(!a_buf || a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t)))
+ if(!a_buf ){
return NULL;
+ }
+
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t))){
+ log_it(L_ERROR,"::read_private_key() Buflen %zd is smaller than first two fields(%zd)", a_buflen,sizeof(uint64_t) + sizeof(dilithium_kind_t) );
+ return NULL;
+ }
+
dilithium_kind_t kind;
uint64_t l_buflen = 0;
memcpy(&l_buflen, a_buf, sizeof(uint64_t));
@@ -239,6 +277,13 @@ dilithium_private_key_t* dap_enc_dilithium_read_private_key(const uint8_t *a_buf
dilithium_param_t p;
if(!dilithium_params_init(&p, kind))
return NULL;
+
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_SECRETKEYBYTES ) ){
+ log_it(L_ERROR,"::read_private_key() Buflen %zd is smaller than all fields together(%zd)", a_buflen,
+ sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_SECRETKEYBYTES );
+ return NULL;
+ }
+
dilithium_private_key_t* l_private_key = DAP_NEW(dilithium_private_key_t);
l_private_key->kind = kind;
@@ -261,6 +306,12 @@ dilithium_private_key_t* dap_enc_dilithium_read_private_key_old(const uint8_t *a
dilithium_param_t p;
if(!dilithium_params_init(&p, kind))
return NULL;
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_SECRETKEYBYTES ) ){
+ log_it(L_ERROR,"::read_private_key() Buflen %zd is smaller than all fields together(%zd)", a_buflen,
+ sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_SECRETKEYBYTES );
+ return NULL;
+ }
+
dilithium_private_key_t* l_private_key = DAP_NEW(dilithium_private_key_t);
l_private_key->kind = kind;
@@ -272,21 +323,48 @@ dilithium_private_key_t* dap_enc_dilithium_read_private_key_old(const uint8_t *a
/* Deserialize a public key. */
dilithium_public_key_t* dap_enc_dilithium_read_public_key(const uint8_t *a_buf, size_t a_buflen)
{
- if(!a_buf || a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t)))
+ if (!a_buf){
+ log_it(L_ERROR,"::read_public_key() NULL buffer on input");
return NULL;
- dilithium_kind_t kind;
+ }
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t))){
+ log_it(L_ERROR,"::read_public_key() Buflen %zd is smaller than first two fields(%zd)", a_buflen,sizeof(uint64_t) + sizeof(dilithium_kind_t) );
+ return NULL;
+ }
+ dilithium_kind_t kind = 0;
uint64_t l_buflen = 0;
memcpy(&l_buflen, a_buf, sizeof(uint64_t));
memcpy(&kind, a_buf + sizeof(uint64_t), sizeof(dilithium_kind_t));
- if(l_buflen != a_buflen)
+ if(l_buflen != a_buflen){
+ log_it(L_ERROR,"::read_public_key() Buflen field inside buffer is %u when expected to be %u", l_buflen, a_buflen);
return NULL;
+ }
dilithium_param_t p;
- if(!dilithium_params_init(&p, kind))
+ if(!dilithium_params_init(&p, kind)){
+ log_it(L_ERROR,"::read_public_key() Can't find params for signature kind %d", kind);
return NULL;
+ }
+
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_PUBLICKEYBYTES ) ){
+ log_it(L_ERROR,"::read_public_key() Buflen %zd is smaller than all fields together(%zd)", a_buflen,
+ sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_PUBLICKEYBYTES );
+ return NULL;
+ }
+
dilithium_public_key_t* l_public_key = DAP_NEW_Z(dilithium_public_key_t);
+ if (!l_public_key){
+ log_it(L_CRITICAL,"::read_public_key() Can't allocate memory for public key");
+ return NULL;
+ }
l_public_key->kind = kind;
- l_public_key->data = DAP_NEW_Z_SIZE(unsigned char, p.CRYPTO_PUBLICKEYBYTES);
+ l_public_key->data = DAP_NEW_Z_SIZE(byte_t, p.CRYPTO_PUBLICKEYBYTES);
+ if (!l_public_key->data){
+ log_it(L_CRITICAL,"::read_public_key() Can't allocate memory for public key's data");
+ DAP_DELETE(l_public_key);
+ return NULL;
+ }
+
memcpy(l_public_key->data, a_buf + sizeof(uint64_t) + sizeof(dilithium_kind_t), p.CRYPTO_PUBLICKEYBYTES);
return l_public_key;
}
@@ -299,8 +377,15 @@ dilithium_public_key_t* dap_enc_dilithium_read_public_key(const uint8_t *a_buf,
*/
dilithium_public_key_t* dap_enc_dilithium_read_public_key_old(const uint8_t *a_buf, size_t a_buflen)
{
- if(!a_buf || a_buflen < (sizeof(uint32_t) + sizeof(dilithium_kind_t)))
+ if (!a_buf){
+ log_it(L_ERROR,"::read_public_key() NULL buffer on input");
return NULL;
+ }
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t))){
+ log_it(L_ERROR,"::read_public_key() Buflen %zd is smaller than first two fields(%zd)", a_buflen,sizeof(uint64_t) + sizeof(dilithium_kind_t) );
+ return NULL;
+ }
+
dilithium_kind_t kind;
uint32_t l_buflen = 0;
memcpy(&l_buflen, a_buf, sizeof(uint32_t));
@@ -308,8 +393,17 @@ dilithium_public_key_t* dap_enc_dilithium_read_public_key_old(const uint8_t *a_b
if(l_buflen != a_buflen)
return NULL;
dilithium_param_t p;
- if(!dilithium_params_init(&p, kind))
+ if(!dilithium_params_init(&p, kind)){
+ log_it(L_ERROR,"::read_public_key() Can't find params for signature kind %d", kind);
return NULL;
+ }
+
+ if(a_buflen < (sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_PUBLICKEYBYTES ) ){
+ log_it(L_ERROR,"::read_public_key_old() Buflen %zd is smaller than all fields together(%zd)", a_buflen,
+ sizeof(uint64_t) + sizeof(dilithium_kind_t) + p.CRYPTO_PUBLICKEYBYTES );
+ return NULL;
+ }
+
dilithium_public_key_t* l_public_key = DAP_NEW_Z(dilithium_public_key_t);
l_public_key->kind = kind;
diff --git a/dap-sdk/crypto/src/dap_enc_key.c b/dap-sdk/crypto/src/dap_enc_key.c
index c65be02244d2d6478f81fa28b8f2c93a03c91ed7..580127163d885d223b3d0857a501dde984c170f7 100755
--- a/dap-sdk/crypto/src/dap_enc_key.c
+++ b/dap-sdk/crypto/src/dap_enc_key.c
@@ -652,6 +652,7 @@ int dap_enc_key_deserealize_pub_key(dap_enc_key_t *a_key, const uint8_t *a_buf,
case DAP_ENC_KEY_TYPE_SIG_DILITHIUM:
if ( a_key->pub_key_data )
dilithium_public_key_delete((dilithium_public_key_t *) a_key->pub_key_data);
+
a_key->pub_key_data = (uint8_t*) dap_enc_dilithium_read_public_key(a_buf, a_buflen);
if(!a_key->pub_key_data)
{
diff --git a/dap-sdk/crypto/src/sig_dilithium/dilithium_params.c b/dap-sdk/crypto/src/sig_dilithium/dilithium_params.c
index ba5391535cc10e1de813a6a348ffb83b0f9fe330..fa3abe282b5dfc8c2a028989eb1e1e7cf32d8cda 100755
--- a/dap-sdk/crypto/src/sig_dilithium/dilithium_params.c
+++ b/dap-sdk/crypto/src/sig_dilithium/dilithium_params.c
@@ -92,7 +92,8 @@ static const dilithium_param_t dilithium_params[] = {
};
bool dilithium_params_init(dilithium_param_t *params, dilithium_kind_t kind){
- assert(params != NULL);
+ if(!params)
+ return false;
memset(params, 0, sizeof(dilithium_param_t));
diff --git a/dap-sdk/crypto/src/sig_dilithium/dilithium_params.h b/dap-sdk/crypto/src/sig_dilithium/dilithium_params.h
index ef2ee736193bd589e26dd093ca64c692372f428b..135a77e2ee8dbd86683baa81c4cf8f59c55e1241 100755
--- a/dap-sdk/crypto/src/sig_dilithium/dilithium_params.h
+++ b/dap-sdk/crypto/src/sig_dilithium/dilithium_params.h
@@ -67,7 +67,7 @@ typedef struct {
typedef struct {
dilithium_kind_t kind; /* the kind of dilithium */
unsigned char *sig_data;
- unsigned long long sig_len;
+ uint64_t sig_len;
} dilithium_signature_t;
diff --git a/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c b/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c
index 74d0c5be377bee7cda040a2a3fd4464adff1791a..fbc106caca8d6eeae954241ce31f0be0d59e1cc4 100755
--- a/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c
+++ b/dap-sdk/crypto/src/sig_dilithium/dilithium_sign.c
@@ -211,8 +211,8 @@ int dilithium_crypto_sign( dilithium_signature_t *sig, const unsigned char *m, u
unsigned long long i, j;
unsigned int n;
- unsigned char seedbuf[2*SEEDBYTES + CRHBYTES];
- unsigned char tr[CRHBYTES];
+ byte_t seedbuf[2*SEEDBYTES + CRHBYTES]={0};
+ byte_t tr[CRHBYTES]={0};
unsigned char *rho, *key, *mu;
uint16_t nonce = 0;
poly c, chat;