v1.2.1

CHANGELOG.md

@@ -9,6 +9,39 @@ adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 *******************************************************************************
 
+[1.2.1] - 2022-04-30
+----------------------------------------
+
+Constant-time tag/digest validation against timing attacks, improved CMake
+portability.
+
+### Fixed
+
+#### Security
+
+- Use constant-time tag/digest validation to offer some resistance against
+  timing attacks. Applies to all decryption functions
+  (`ascon_aead*_decrypt*()`)  and all hashing functions which compare
+  the generated digest to the expected (`ascon_hash_*_matches()`).
+
+#### Cross-platform portability
+
+- Enforced name `libascon.{dll|so|dylib}` for the shared library, so it's the
+  same when built with any toolchain.
+- CMake will not verify whether a compiler supports a flag before using it.
+  This makes the CMake configuration phase slightly longer, but the result
+  is cached, so it happens only the first time.
+- CMake now defaults to `MinSizeRel` build type if `CMAKE_BUILD_TYPE` is not
+  specified, because binary size matters more than speed for a cross-platform
+  implementation. Additionaly, on some platforms it overperforms the
+  `Release` build.
+- Explicitly setting many Doxygen settings.
+
+#### Internal changes
+
+- Simplified Ascon permutation code, to increase its readability.
+- Internal function `byte_mask()` renamed to `mask_most_signif_bytes()`.
+
 [1.2.0] - 2022-02-05
 ----------------------------------------
 

CMakeLists.txt

@@ -5,15 +5,16 @@
 
 cmake_minimum_required(VERSION 3.9)
 project(LibAscon
-        VERSION 1.2.0
+        VERSION 1.2.1
         LANGUAGES C
         DESCRIPTION
         "Lightweight Authenticated Encryption & Hashing, \
         also with Init-Update-Final paradigm.")
 
-# Unless specified, by default create Release builds
+# Default build type, if not specified explicitly with `-DCMAKE_BUILD_TYPE`
 if (NOT CMAKE_BUILD_TYPE)
-    set(CMAKE_BUILD_TYPE Release)
+    set(CMAKE_BUILD_TYPE MinSizeRel)
+    message("CMAKE_BUILD_TYPE unspecified, defaulting to ${CMAKE_BUILD_TYPE}")
 endif ()
 
 set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
@@ -122,14 +123,17 @@ target_include_directories(ascon128ahash PUBLIC inc/ PRIVATE src/)
 add_library(ascon80pqhash STATIC ${LIB_SRC_FILES_80pq} ${LIB_SRC_FILES_HASH})
 target_include_directories(ascon80pqhash PUBLIC inc/ PRIVATE src/)
 
-# Shared library (.dylib / .dll)
+# Shared library (.so / .dylib / .dll)
 # Does not reuse the static library object files, as they are
 # recompiled in order to have position-independent code
 add_library(ascon SHARED ${LIB_SRC_FILES_FULL})
 target_include_directories(ascon PUBLIC inc/ PRIVATE src/)
 set_target_properties(ascon PROPERTIES
         POSITION_INDEPENDENT_CODE ON
-        INTERPROCEDURAL_OPTIMISATION TRUE)
+        INTERPROCEDURAL_OPTIMISATION TRUE
+        # Remove any "msys-" and enforce the same lib name with all toolchains
+        PREFIX lib
+        OUTPUT_NAME ascon)
 
 # Copy test vectors files to build directory.
 # They are used by the test runner
@@ -186,28 +190,78 @@ set_target_properties(ascon_benchmark PROPERTIES
         INTERPROCEDURAL_OPTIMISATION TRUE)
 
 # Doxygen documentation builder
-find_package(Doxygen)
+find_package(Doxygen OPTIONAL_COMPONENTS dot)
 if (DOXYGEN_FOUND)
     # Cmake's wrapper of Doxygen, constructing a doxyfile from the
     # DOXYGEN_* variables, which are mapped to the Doxygen variables.
-    set(DOXYGEN_GENERATE_HTML YES)
-    set(DOXYGEN_GENERATE_MAN YES)
+
+    # Parts of the source documentation to work on
+    set(DOXYGEN_EXTRACT_ALL YES)
+    set(DOXYGEN_EXTRACT_PRIVATE NO)
+    set(DOXYGEN_EXTRACT_PRIV_VIRTUAL NO)
+    set(DOXYGEN_EXTRACT_PACKAGE NO)
+    set(DOXYGEN_EXTRACT_STATIC NO)
+    set(DOXYGEN_EXTRACT_LOCAL_CLASSES NO)
+    set(DOXYGEN_EXTRACT_LOCAL_METHODS NO)
+    set(DOXYGEN_EXTRACT_ANON_NSPACES NO)
+    set(DOXYGEN_INTERNAL_DOCS NO)
+    set(DOXYGEN_USE_MDFILE_AS_MAINPAGE README.md)
+    set(DOXYGEN_IMAGE_PATH ${PROJECT_SOURCE_DIR}/images)
+
+    # How to process the source code
+    set(DOXYGEN_INPUT_ENCODING UTF-8)
+    set(DOXYGEN_BRIEF_MEMBER_DESC YES)
+    set(DOXYGEN_REPEAT_BRIEF YES)
     set(DOXYGEN_JAVADOC_AUTOBRIEF YES)
     set(DOXYGEN_OPTIMIZE_OUTPUT_FOR_C YES)
+    set(DOXYGEN_MARKDOWN_SUPPORT YES)
+    set(DOXYGEN_TAB_SIZE 4)
+
+    # Components and look of the output
+    set(DOXYGEN_OUTPUT_LANGUAGE English)
+    set(DOXYGEN_TOC_INCLUDE_HEADINGS 5)
+    set(DOXYGEN_AUTOLINK_SUPPORT YES)
+    set(DOXYGEN_HIDE_UNDOC_MEMBERS NO)
+    set(DOXYGEN_HIDE_UNDOC_CLASSES NO)
+    set(DOXYGEN_HIDE_IN_BODY_DOCS NO)
     set(DOXYGEN_SORT_MEMBER_DOCS NO)
-    set(DOXYGEN_IMAGE_PATH ${PROJECT_SOURCE_DIR}/images)
+    set(DOXYGEN_SORT_BRIEF_DOCS NO)
+    set(DOXYGEN_MAX_INITIALIZER_LINES 30)
+    #set(DOXYGEN_PROJECT_LOGO )
+
+    # Format of the output
+    set(DOXYGEN_GENERATE_HTML YES)
+    set(DOXYGEN_GENERATE_MAN YES)
+
+    # Processing
+    set(DOXYGEN_NUM_PROC_THREADS 0)  # As many as CPU cores
+    set(DOXYGEN_QUIET YES)
+    set(DOXYGEN_WARNINGS YES)
+    set(DOXYGEN_WARN_IF_UNDOCUMENTED YES)
+    set(DOXYGEN_WARN_IF_DOC_ERROR YES)
+    set(DOXYGEN_WARN_NO_PARAMDOC YES)
+    set(DOXYGEN_WARN_AS_ERROR YES)
+    if (DOT_FOUND)
+        set(DOXYGEN_DOT_PATH ) # Empty = find it in PATH
+        set(DOXYGEN_DOT_NUM_THREADS 0)  # As many as CPU cores
+        set(DOXYGEN_CALL_GRAPH YES)
+        set(DOXYGEN_CALLER_GRAPH YES)
+        set(DOXYGEN_DIRECTORY_GRAPH YES)
+    endif()
+
+        # Customisations
     set(DOXYGEN_ALIASES license="**License:**")
-    set(DOXYGEN_USE_MDFILE_AS_MAINPAGE README.md)
     set(DOXYGEN_PREDEFINED WIN32 ASCON_INPUT_ASSERTS)
-    set(DOXYGEN_DOT_PATH )  # Empty = find it in PATH
+
     doxygen_add_docs(ascon_doxygen
             # Do NOT build doxygen on make-all, to avoid polluting the stdout
             # List of input files for Doxygen
             ${PROJECT_SOURCE_DIR}/inc/ascon.h
             ${PROJECT_SOURCE_DIR}/LICENSE.md
             ${PROJECT_SOURCE_DIR}/AUTHORS.md
             ${PROJECT_SOURCE_DIR}/README.md
-            ${PROJECT_SOURCE_DIR}/CHANGELOG.md)
+            ${PROJECT_SOURCE_DIR}/CHANGELOG.md
+            COMMENT "Generating Doxygen documentation...")
 else (DOXYGEN_FOUND)
     message(WARNING "Doxygen not found. Cannot generate documentation.")
 endif (DOXYGEN_FOUND)

README.md

@@ -13,13 +13,19 @@ associated data (AEAD) and hashing functions, but it also includes
 Init-Update-Final processing and variable tag length. Heavily tested and ready
 for embedded systems!
 
-### Disclaimer
+### Security disclaimer
 
-This is not a security-hardened implementation, just a simple one focused
-mostly on usability, portability and high(er) set of features There is no added
-protection against side-channel attacks other than what the Ascon algorithm
-itself provides by design.
+This is **not a security-hardened implementation**, just a simple one, focused
+mostly on usability, portability, and high(er) set of features compared to the
+reference implementation. There is no explicit protection against side-channel
+attacks other than what the Ascon algorithm itself provides by design.
 
+Nevertheless, this implementation:
+
+- uses constant-time operations (should help against timing attacks),
+- **tries** to force the compiler to actually clear sensitive data instead of
+  optimising the operations away (this is hard to achieve properly),
+- has 100% line and 100% branch test coverage.
 
 Features
 ----------------------------------------