First Pull Request


AES_set_encrypt_key and variants return error codes, but they are ignored briansmith/ring

Look at https://github.com/briansmith/ring/blob/80400f5fdfb3765acd490801c66ddf30d3dc6378/crypto/cipher/e_aes.c#L152 and other instances where those functions are called. The return value is ignored...

Created - 0 comments - bug good-first-bug static-analysis-and-type-safety test-coverage

Don't use `[0; T]` to construct not-yet-initialized values briansmith/ring

It turns out that some test vectors are using all-zero values as inputs, which then get used as expected outputs when we verify, for example, that decrypting a ciphertext results in the original pla...

Created - 0 comments - good-first-bug static-analysis-and-type-safety test-coverage

Improve conventions for passing fixed-sized arrays to FFI functions briansmith/ring

After I filed https://github.com/rust-lang/rust/issues/30382 the feedback was mostly negative so I made it the convention to use `x: *const T/*[N]*/` and `x: *mut T/*[N]*/` instead of `x: &[T; N]` ...

Created - 0 comments - good-first-bug static-analysis-and-type-safety

Use C99 static array size specifier in C function prototypes briansmith/ring

See https://hamberg.no/erlend/posts/2013-02-18-static-array-indices.html Quoting a comment on that page: "this feature is described in 6.7.6.3 bullet 7, ISO/IEC 9899:201x n1570 working draft." In...

Created - 0 comments - good-first-bug static-analysis-and-type-safety

Add tests of unaligned inputs for `ring::digest` briansmith/ring

In particular, test on platforms that require 4-byte alignment for 32-bit integers and/or 8-byte alignment for 64-bit integers.

Created - 0 comments - good-first-bug static-analysis-and-type-safety test-coverage

Expand (NIST) ECDH and X25519 testing briansmith/ring

For both, add test cases for: - Overlong inputs - Cases where the inputs are not reduced mod `q`, but which are otherwise correct. These are invalid for NIST ECDH but valid for X25519. (The NIST EC...

Created - 0 comments - good-first-bug test-coverage

Work around lack of stdalign.h on OpenBSD briansmith/ring

As reported in #287, compilation fails with OpenBSD's GCC 4.8 because it lacks stdalign.h: ``` --- stderr In file included from crypto/aes/aes.c:55:0: crypto/aes/../internal.h:136:22: fatal error:...

Created - 0 comments - good-first-bug

Mark C function return values as `#[must_use]` briansmith/ring

One approach is to use (if/when it is implemented) the proposed `#[must_use]` annotation on functions: https://github.com/rust-lang/rfcs/pull/886. Another approach is to change the return value ...

Created - 0 comments - good-first-bug static-analysis-and-type-safety

The compiler doesn't tell us when we ignore a return value in C code briansmith/ring

- We should turn on the strictest "warn about any unused return values" warnings that every compiler (GCC, clang, MSVC) supports. Unfortunately, it seems like in general compilers don't have such a...

Created - 1 comment - good-first-bug static-analysis-and-type-safety

Expand testing of invalid ECDSA signatures briansmith/ring

- [ ] Test cases where the ASN.1 is malformed in various ways. - [ ] Test cases where r is negative, zero, and greater or equal to `n`. - [ ] Test cases where s is negative, zero, and greater or eq...

Created - 1 comment - good-first-bug test-coverage

HMAC: Split `hmac::SigningKey::new` briansmith/ring

We have this code in `hmac::SigningKey::new` ```rust pub fn new(digest_alg: &'static digest::Algorithm, key_value: &[u8]) -> SigningKey { … let key_value...

Created - 1 comment - good-first-bug static-analysis-and-type-safety usability

Enable/disable C `assert()` based on whether Rust assertions are enabled/disabled. briansmith/ring

Right now we choose whether or not to build in debug mode based on `env::var("OPT_LEVEL")` in the build script, but I think we should be using some other flag specific to whether debug assertions a...

Created - 1 comment - good-first-bug static-analysis-and-type-safety

Randomize the first bit of X25519 public keys briansmith/ring

When we generate an X25519 private key, there are a few bits of the private key that are unused (always masked off, or masked set). We can steal one of those random bits to choose whether the high-...

Created - 1 comment - good-first-bug

Implement `core::fmt::Debug` for all public Algorithm types briansmith/ring

I suggest that the implementation should just output the same thing it would output if the Algorithm type were defined to be an empty struct type, like this: ```rust struct Algorithm; ``` I...

Created - 1 comment - good-first-bug usability

Allow applications to use RDRAND/RDSEED instead of OS PRNG on x86/x64 briansmith/ring

RDRAND/RDSEED will not be the default on any platform, but there should be some way to use it in specific scenarios where `getrandom()` and reading from `/dev/[u]random` and similar can't be used. ...

Created - 2 comments - good-first-bug usability

Add Visual Studio 2017 builds to AppVeyor briansmith/ring

[Note that Visual Studio “15” is the successor to Visual Studio 2015 and will probably have a different name; see https://www.visualstudio.com/en-us/news/releasenotes/vs15-relnotes.] Let's suppo...

Created - 2 comments - good-first-bug usability

Use `BitLength` for all bit-denoted lengths briansmith/ring

See also #345, 346, #347. Without the compiler supporting const fns, we are limited in the contexts in which we can use `BitLength`. @samscott89 noted that we may be able to make `BitLength` a n...

Created - 2 comments - good-first-bug static-analysis-and-type-safety

Use Fuchsia's randomness API on Fuchsia briansmith/ring

See https://boringssl.googlesource.com/boringssl/+/c80e41635384324c13562a6727948193234f35d9%5E%21/#F1. Since that Google code is under the ISC license, we can borrow as much of it as is helpful....

Created - 2 comments - good-first-bug performance static-analysis-and-type-safety

Improve ARM build options briansmith/ring

@pietro wrote: > According to [this](https://developer.android.com/ndk/guides/standalone_toolchain.html#abi_compatibility) we should also pass `-mfloat-abi=softfp`. We may also want to pass `-thum...

Created - 2 comments - good-first-bug

Implement `PartialEq` and `Eq` for all public Algorithm types briansmith/ring

I suggest that for each Algorithm type, we define a simple enum, like this: ```rust #[derive(Eq)] pub struct WhateverAlgorithm { // existing fields id: WhateverAlgorithmID, // Add th...

Created - 2 comments - good-first-bug usability

Optimize PBKDF2 briansmith/ring

See https://jbp.io/2015/08/11/pbkdf2-performance-matters/#strategies.

Created - 3 comments - enhancement good-first-bug performance

Improve conventions for returning arrays from functions briansmith/ring

In some cases, e.g. in the implementations of `ring::aead::seal_in_place` and `ring_aead::open_in_place`, we pass a function an uninitialized (actually, zero-initialized) buffer and then expect tha...

Created - 4 comments - good-first-bug performance

Implement NoPanicSlice in terms of non-panicking slicing when it is available in Rust's standa... briansmith/ring

See https://github.com/rust-lang/rfcs/pull/1325. `no_panic::NoPanicSlice::subslice`, and maybe other things, should be rewritten when the new Rust functionality is available.

Created - 4 comments - good-first-bug static-analysis-and-type-safety

Benchmark ChaCha20 and Poly1305 vs Andrew Moon's implementations briansmith/ring

Andrew Moon has very fast ChaCha20 and Poly1305 implementations at https://github.com/floodyberry/chacha-opt and https://github.com/floodyberry/poly1305-opt respectively. _ring_'s code should be b...

Created - 4 comments - good-first-bug performance

Add NIST CAVP AES-GCM tests briansmith/ring

See https://boringssl.googlesource.com/boringssl/+/3975ecffc22b1d98065d11e94713d258ecddbe93. Ideally we'd do something very similar, but without depending on Go. However, depending on Go in the sho...

Created - 4 comments - good-first-bug

Add Address Sanitizer (ASAN) configuration to Continuous Integration builds briansmith/ring

We should be doing runs with the tests running under ASAN.

Created - 5 comments - good-first-bug test-coverage

Remove rustc_serialize dependency briansmith/ring

#378 adds a new dev_dependency on rustc_serialize, which is deprecated and larger than what we need. Let's replace that dependency with a dependency on a smaller base64-specific crate.

Created - 5 comments - good-first-bug static-analysis-and-type-safety test-coverage

Add aarch64-linux-android targets to Travis CI briansmith/ring

At the time we added 32-bit ARM Android to Travis CI, AArch64 builds of Rust's libstd weren't available. However, now they are available, so we can add AArch64 targets now.

Created - 6 comments - good-first-bug static-analysis-and-type-safety test-coverage

Replace `GFp_x25519_ecdh()` and `GFp_x25519_public_from_private()` with Rust code briansmith/ring

`GFp_x25519_ecdh()` is just a wrapper around the point multiplication, so it's simple. `GFp_x25519_public_from_private()` is a little more work because it has two implementations: One for ARM NEON...

Created - 6 comments - good-first-bug static-analysis-and-type-safety

Displaying issues 1 - 30 of 42 in total
