Set CHUNK_SIZE_MAX better for 32-bit systems

This commit is contained in:
Travis Burtrum 2019-12-30 00:33:05 -05:00
parent fcc9307d7c
commit 3f85f69492
2 changed files with 27 additions and 14 deletions

View File

@ -24,6 +24,8 @@ mv pegh pegh.static.openssl
make clean all PEGH_LIBSODIUM=1 PEGH_OPENSSL=1 CC=clang LDFLAGS="-static -lcrypto" || clang pegh.c -DPEGH_LIBSODIUM -DPEGH_OPENSSL -static -lsodium -lcrypto -O3 -o pegh
mv pegh pegh.static.libsodium-openssl
./pegh.static.libsodium-openssl -h
ls -lah pegh.static.*
strip pegh.static.*

39
pegh.c
View File

@ -95,7 +95,7 @@ typedef int (*gcm_func)(const unsigned char *, const size_t,
#include <openssl/rand.h>
/* this is because we read up to buffer_size at once, and then send that value to openssl which uses int instead of size_t, limit of 2gb */
static const size_t CHUNK_SIZE_MAX = INT_MAX;
static const size_t CHUNK_SIZE_MAX_OPENSSL = INT_MAX;
/*
* returns 1 on success, 0 on failure
@ -287,16 +287,15 @@ void wipe_memory(void * const ptr, const size_t len) {
#include <sodium.h>
/* for now in hybrid mode lazily use OPENSSL's CHUNK_SIZE_MAX which is smaller, solution to make them the same coming soon */
#ifndef PEGH_OPENSSL
/* unlike openssl, libsodium uses proper types, so we can go all the way up to the "aes-gcm-256 is still secure" limit of around 32gb */
/*
// actually this is breaking on x86 and aarch64 where size_t is `unsigned int` and this overflows, how to handle???
static const size_t CHUNK_SIZE_MAX = 1024UL * 1024 * 1024 * 32;
// for now, 4gb will do?
*/
static const size_t CHUNK_SIZE_MAX = UINT_MAX;
#endif /* PEGH_OPENSSL */
* unlike openssl, libsodium uses proper types, so we can go all the way up to the "aes-gcm-256 is still secure" limit of around 32gb
* but 32-bit systems have SIZE_MAX smaller than that, so special case that here
*/
#if (1024UL * 1024 * 1024 * 32) > SIZE_MAX
static const size_t CHUNK_SIZE_MAX_LIBSODIUM = SIZE_MAX;
#else
static const size_t CHUNK_SIZE_MAX_LIBSODIUM = 1024UL * 1024 * 1024 * 32;
#endif
/*
* returns 1 on success, 0 on failure
@ -402,11 +401,22 @@ void wipe_memory(void * const ptr, const size_t len) {
/* always prefer libsodium AES if possible because it's faster */
#ifdef PEGH_LIBSODIUM
gcm_func gcm_encrypt = gcm_encrypt_libsodium;
gcm_func gcm_decrypt = gcm_decrypt_libsodium;
/* if PEGH_OPENSSL is defined, these can be redefined at runtime depending on CPU, otherwise const */
#ifndef PEGH_OPENSSL
#define PEGH_CONST const
#else
#define PEGH_CONST
#endif
static PEGH_CONST gcm_func gcm_encrypt = gcm_encrypt_libsodium;
static PEGH_CONST gcm_func gcm_decrypt = gcm_decrypt_libsodium;
static PEGH_CONST size_t CHUNK_SIZE_MAX = CHUNK_SIZE_MAX_LIBSODIUM;
#elif PEGH_OPENSSL
gcm_func gcm_encrypt = gcm_encrypt_openssl;
gcm_func gcm_decrypt = gcm_decrypt_openssl;
static const gcm_func gcm_encrypt = gcm_encrypt_openssl;
static const gcm_func gcm_decrypt = gcm_decrypt_openssl;
static const size_t CHUNK_SIZE_MAX = CHUNK_SIZE_MAX_OPENSSL;
#endif
/* returns 1 on success, 0 on failure */
@ -768,6 +778,7 @@ int main(int argc, char **argv)
fprintf(stderr, "Warning: libsodium does not support AES-256-GCM on this CPU, falling back to openssl version instead...\n");
gcm_encrypt = gcm_encrypt_openssl;
gcm_decrypt = gcm_decrypt_openssl;
CHUNK_SIZE_MAX = CHUNK_SIZE_MAX_OPENSSL;
#else
/* nothing we can do */
fprintf(stderr, "Error: libsodium does not support AES-256-GCM on this CPU, compile/use openssl version?\n");