diff options
| author | Andy Polyakov <appro@openssl.org> | 2012-11-05 17:03:39 +0000 |
|---|---|---|
| committer | Ben Laurie <ben@links.org> | 2013-09-16 14:12:25 +0100 |
| commit | 125c2ed8a3d25d56768f92075547d7fdc8db12be (patch) | |
| tree | 15b5803c7684ec32133e26069e460762f54bd959 /crypto | |
| parent | 09da95542aa8367a5ac164ae78725c8a11849c56 (diff) | |
crypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from
previous cbc128.c commit].
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/modes/cbc128.c | 19 | ||||
| -rw-r--r-- | crypto/modes/ccm128.c | 2 | ||||
| -rw-r--r-- | crypto/modes/cts128.c | 28 |
3 files changed, 20 insertions, 29 deletions
diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c index 34b2a2ef21..0e54f75470 100644 --- a/crypto/modes/cbc128.c +++ b/crypto/modes/cbc128.c @@ -137,11 +137,13 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out, out += 16; } } - else { + else if (16%sizeof(size_t) == 0) { /* always true */ while (len>=16) { + size_t *out_t=(size_t *)out, *iv_t=(size_t *)iv; + (*block)(in, out, key); - for(n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(out+n) ^= *(size_t *)(iv+n); + for(n=0; n<16/sizeof(size_t); n++) + out_t[n] ^= iv_t[n]; iv = in; len -= 16; in += 16; @@ -166,18 +168,19 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out, } } else if (16%sizeof(size_t) == 0) { /* always true */ - size_t c, *out_t=(size_t *)out, *ivec_t=(size_t *)ivec; - const size_t *in_t=(const size_t *)in; while (len>=16) { - (*block)((const unsigned char *)in_t, tmp.c, key); + size_t c, *out_t=(size_t *)out, *ivec_t=(size_t *)ivec; + const size_t *in_t=(const size_t *)in; + + (*block)(in, tmp.c, key); for(n=0; n<16/sizeof(size_t); n++) { c = in_t[n]; out_t[n] = tmp.t[n] ^ ivec_t[n]; ivec_t[n] = c; } len -= 16; - in_t += 16/sizeof(size_t); - out_t += 16/sizeof(size_t); + in += 16; + out += 16; } } } diff --git a/crypto/modes/ccm128.c b/crypto/modes/ccm128.c index c9b35e5b35..3ce11d0d98 100644 --- a/crypto/modes/ccm128.c +++ b/crypto/modes/ccm128.c @@ -87,7 +87,7 @@ int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8))); } else - *(u32*)(&ctx->nonce.c[8]) = 0; + ctx->nonce.u[1] = 0; ctx->nonce.c[12] = (u8)(mlen>>24); ctx->nonce.c[13] = (u8)(mlen>>16); diff --git a/crypto/modes/cts128.c b/crypto/modes/cts128.c index c0e1f3696c..2d583de6f6 100644 --- a/crypto/modes/cts128.c +++ b/crypto/modes/cts128.c @@ -108,12 +108,8 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, (*cbc)(in,out-16,residue,key,ivec,1); memcpy(out,tmp.c,residue); #else - { - size_t n; - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = 0; + memset(tmp.c,0,sizeof(tmp)); memcpy(tmp.c,in,residue); - } memcpy(out,out-16,residue); (*cbc)(tmp.c,out-16,16,key,ivec,1); #endif @@ -144,12 +140,8 @@ size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out, #if defined(CBC_HANDLES_TRUNCATED_IO) (*cbc)(in,out-16+residue,residue,key,ivec,1); #else - { - size_t n; - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = 0; + memset(tmp.c,0,sizeof(tmp)); memcpy(tmp.c,in,residue); - } (*cbc)(tmp.c,out-16+residue,16,key,ivec,1); #endif return len+residue; @@ -177,8 +169,7 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, (*block)(in,tmp.c+16,key); - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n); + memcpy(tmp.c,tmp.c+16,16); memcpy(tmp.c,in+16,residue); (*block)(tmp.c,tmp.c,key); @@ -220,8 +211,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o (*block)(in+residue,tmp.c+16,key); - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n); + memcpy(tmp.c,tmp.c+16,16); memcpy(tmp.c,in,residue); (*block)(tmp.c,tmp.c,key); @@ -240,7 +230,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], cbc128_f cbc) -{ size_t residue, n; +{ size_t residue; union { size_t align; unsigned char c[32]; } tmp; assert (in && out && key && ivec); @@ -257,8 +247,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, out += len; } - for (n=16; n<32; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = 0; + memset(tmp.c,0,sizeof(tmp)); /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */ (*cbc)(in,tmp.c,16,key,tmp.c+16,0); @@ -275,7 +264,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], cbc128_f cbc) -{ size_t residue, n; +{ size_t residue; union { size_t align; unsigned char c[32]; } tmp; assert (in && out && key && ivec); @@ -297,8 +286,7 @@ size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out, out += len; } - for (n=16; n<32; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = 0; + memset(tmp.c,0,sizeof(tmp)); /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */ (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0); |