avinal
|
1933265148
|
feat: security fixes and improved test coverages
Security Fixes
1. Blowfish2 destructor added (blowfish2.h, blowfish2.cc) — zeros PArray and Sboxes on destruction
2. Secure memory zeroing (blowfish.cc, blowfish2.cc) — both destructors now use volatile pointer writes to prevent compiler elision
3. Input validation (blowfish.cc, blowfish2.cc) — initialize() now throws std::invalid_argument for null key, empty key, or key > 56 bytes
4. Copy assignment deleted (blowfish.h) — prevents accidental key material copies
5. Constants moved inside include guards (blowfish.h, blowfish2.h)
Code Quality Fixes
6. Typo fixed — BF_SBOX_INT → BF_SBOX_INIT in blowfish.cc
7. CMake standard fixed — blowfish2 target now requires cxx_std_17 instead of cxx_std_14
Test Fixes & Additions
8. Fixed "no fixed points" bug (test_properties.cpp) — L is no longer always 0
9. Eric Young KAT vectors (test_vectors.cpp) — 5 official Blowfish test vectors added
10. Key length tests — min (1 byte), max (56 bytes), and differing lengths
11. Invalid key rejection tests — empty, over-length, and null keys
12. Edge-case blocks — all-zero, all-ones, L==R
13. Key avalanche tests — flipping each key bit produces large ciphertext changes
14. Cross-instance consistency — same key → same output across instances
15. Re-initialization tests — different key after re-init produces different output
Assisted-by: Claude Code
Signed-off-by: Avinal Kumar <avinal.xlvii@gmail.com>
|
2026-04-15 18:21:01 +05:30 |
|
avinal
|
9d303b7855
|
Improve GitHub Actions flow and increse Cmake version
Build and Test / build (Debug, clang) (push) Failing after 18s
Build and Test / build (Debug, gcc) (push) Failing after 17s
Build and Test / build (Release, clang) (push) Failing after 25s
Build and Test / build (Release, gcc) (push) Failing after 17s
Build and Test / sanitize (push) Failing after 3s
- Increased CMake minimum version to 3.30
- added test run in github workflow
Signed-off-by: Avinal Kumar <avinal.xlvii@gmail.com>
|
2025-12-04 21:13:31 +05:30 |
|