Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-3-0]: src Pull up patches (requested by joerg in ticket #1812):
details: https://anonhg.NetBSD.org/src/rev/13a04af6100f
branches: netbsd-3-0
changeset: 579443:13a04af6100f
user: ghen <ghen%NetBSD.org@localhost>
date: Tue Aug 28 13:32:31 2007 +0000
description:
Pull up patches (requested by joerg in ticket #1812):
lib/libc/hash/sha2/sha2.c: patch
sys/crypto/ripemd160/rmd160.c: patch
sys/crypto/sha2/sha2.c: patch
Fix SIGBUS issues on strict alignment issues. Use le32dec in RMD160
as the data pointer to RMD160_Update doesn't have to be aligned.
In SHA256_Update and SHA512_Update, only operate directly on the passed
in data if no left-over in the context exists and the data is correctly
aligned. The problem was exposed by the audit-packages rewrite in C
and reported for the libnbcompat version in PR pkg/36662.
cast to void* to avoid a fatal warning
diffstat:
lib/libc/hash/sha2/sha2.c | 62 +++++++++++++++++++++++++++++++++---------
sys/crypto/ripemd160/rmd160.c | 6 ++--
sys/crypto/sha2/sha2.c | 62 +++++++++++++++++++++++++++++++++---------
3 files changed, 100 insertions(+), 30 deletions(-)
diffs (200 lines):
diff -r e50a3a7b4ed7 -r 13a04af6100f lib/libc/hash/sha2/sha2.c
--- a/lib/libc/hash/sha2/sha2.c Sun Aug 26 20:28:32 2007 +0000
+++ b/lib/libc/hash/sha2/sha2.c Tue Aug 28 13:32:31 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sha2.c,v 1.3.2.2 2005/09/08 19:15:44 tron Exp $ */
+/* $NetBSD: sha2.c,v 1.3.2.2.2.1 2007/08/28 13:32:31 ghen Exp $ */
/* $KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $ */
/*
@@ -526,12 +526,30 @@
return;
}
}
- while (len >= SHA256_BLOCK_LENGTH) {
- /* Process as many complete blocks as we can */
- SHA256_Transform(context, (const sha2_word32*)(const void *)data);
- context->bitcount += SHA256_BLOCK_LENGTH << 3;
- len -= SHA256_BLOCK_LENGTH;
- data += SHA256_BLOCK_LENGTH;
+ /*
+ * Process as many complete blocks as possible.
+ *
+ * Check alignment of the data pointer. If it is 32bit aligned,
+ * SHA256_Transform can be called directly on the data stream,
+ * otherwise enforce the alignment by copy into the buffer.
+ */
+ if ((uintptr_t)data % 4 == 0) {
+ while (len >= SHA256_BLOCK_LENGTH) {
+ SHA256_Transform(context,
+ (const sha2_word32 *)(const void *)data);
+ context->bitcount += SHA256_BLOCK_LENGTH << 3;
+ len -= SHA256_BLOCK_LENGTH;
+ data += SHA256_BLOCK_LENGTH;
+ }
+ } else {
+ while (len >= SHA256_BLOCK_LENGTH) {
+ memcpy(context->buffer, data, SHA256_BLOCK_LENGTH);
+ SHA256_Transform(context,
+ (const sha2_word32 *)(const void *)context->buffer);
+ context->bitcount += SHA256_BLOCK_LENGTH << 3;
+ len -= SHA256_BLOCK_LENGTH;
+ data += SHA256_BLOCK_LENGTH;
+ }
}
if (len > 0) {
/* There's left-overs, so save 'em */
@@ -816,12 +834,30 @@
return;
}
}
- while (len >= SHA512_BLOCK_LENGTH) {
- /* Process as many complete blocks as we can */
- SHA512_Transform(context, (const sha2_word64*)(const void *)data);
- ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
- len -= SHA512_BLOCK_LENGTH;
- data += SHA512_BLOCK_LENGTH;
+ /*
+ * Process as many complete blocks as possible.
+ *
+ * Check alignment of the data pointer. If it is 64bit aligned,
+ * SHA512_Transform can be called directly on the data stream,
+ * otherwise enforce the alignment by copy into the buffer.
+ */
+ if ((uintptr_t)data % 8 == 0) {
+ while (len >= SHA512_BLOCK_LENGTH) {
+ SHA512_Transform(context,
+ (const sha2_word64*)(const void *)data);
+ ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
+ len -= SHA512_BLOCK_LENGTH;
+ data += SHA512_BLOCK_LENGTH;
+ }
+ } else {
+ while (len >= SHA512_BLOCK_LENGTH) {
+ memcpy(context->buffer, data, SHA512_BLOCK_LENGTH);
+ SHA512_Transform(context,
+ (const void *)context->buffer);
+ ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
+ len -= SHA512_BLOCK_LENGTH;
+ data += SHA512_BLOCK_LENGTH;
+ }
}
if (len > 0) {
/* There's left-overs, so save 'em */
diff -r e50a3a7b4ed7 -r 13a04af6100f sys/crypto/ripemd160/rmd160.c
--- a/sys/crypto/ripemd160/rmd160.c Sun Aug 26 20:28:32 2007 +0000
+++ b/sys/crypto/ripemd160/rmd160.c Tue Aug 28 13:32:31 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: rmd160.c,v 1.3 2003/08/26 20:15:13 thorpej Exp $ */
+/* $NetBSD: rmd160.c,v 1.3.20.1 2007/08/28 13:32:31 ghen Exp $ */
/* $KAME: rmd160.c,v 1.2 2003/07/25 09:37:55 itojun Exp $ */
/* $OpenBSD: rmd160.c,v 1.3 2001/09/26 21:40:13 markus Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rmd160.c,v 1.3 2003/08/26 20:15:13 thorpej Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rmd160.c,v 1.3.20.1 2007/08/28 13:32:31 ghen Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -170,7 +170,7 @@
int i;
for (i = 0; i < 16; i++)
- x[i] = le32toh(*(u_int32_t*)(block+i*4));
+ x[i] = le32dec(block+i*4);
#endif
a = state[0];
diff -r e50a3a7b4ed7 -r 13a04af6100f sys/crypto/sha2/sha2.c
--- a/sys/crypto/sha2/sha2.c Sun Aug 26 20:28:32 2007 +0000
+++ b/sys/crypto/sha2/sha2.c Tue Aug 28 13:32:31 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sha2.c,v 1.3.2.2 2005/07/24 21:00:12 riz Exp $ */
+/* $NetBSD: sha2.c,v 1.3.2.2.2.1 2007/08/28 13:32:32 ghen Exp $ */
/* $KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $ */
/*
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sha2.c,v 1.3.2.2 2005/07/24 21:00:12 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sha2.c,v 1.3.2.2.2.1 2007/08/28 13:32:32 ghen Exp $");
#include <sys/types.h>
#include <sys/time.h>
@@ -527,12 +527,30 @@
return;
}
}
- while (len >= SHA256_BLOCK_LENGTH) {
- /* Process as many complete blocks as we can */
- SHA256_Transform(context, (const sha2_word32*)data);
- context->bitcount += SHA256_BLOCK_LENGTH << 3;
- len -= SHA256_BLOCK_LENGTH;
- data += SHA256_BLOCK_LENGTH;
+ /*
+ * Process as many complete blocks as possible.
+ *
+ * Check alignment of the data pointer. If it is 32bit aligned,
+ * SHA256_Transform can be called directly on the data stream,
+ * otherwise enforce the alignment by copy into the buffer.
+ */
+ if ((uintptr_t)data % 4 == 0) {
+ while (len >= SHA256_BLOCK_LENGTH) {
+ SHA256_Transform(context,
+ (const sha2_word32 *)(const void *)data);
+ context->bitcount += SHA256_BLOCK_LENGTH << 3;
+ len -= SHA256_BLOCK_LENGTH;
+ data += SHA256_BLOCK_LENGTH;
+ }
+ } else {
+ while (len >= SHA256_BLOCK_LENGTH) {
+ memcpy(context->buffer, data, SHA256_BLOCK_LENGTH);
+ SHA256_Transform(context,
+ (const sha2_word32 *)(const void *)context->buffer);
+ context->bitcount += SHA256_BLOCK_LENGTH << 3;
+ len -= SHA256_BLOCK_LENGTH;
+ data += SHA256_BLOCK_LENGTH;
+ }
}
if (len > 0) {
/* There's left-overs, so save 'em */
@@ -817,12 +835,28 @@
return;
}
}
- while (len >= SHA512_BLOCK_LENGTH) {
- /* Process as many complete blocks as we can */
- SHA512_Transform(context, (const sha2_word64*)data);
- ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
- len -= SHA512_BLOCK_LENGTH;
- data += SHA512_BLOCK_LENGTH;
+ /*
+ * Process as many complete blocks as possible.
+ *
+ * Check alignment of the data pointer. If it is 32bit aligned,
+ * SHA256_Transform can be called directly on the data stream,
+ * otherwise enforce the alignment by copy into the buffer.
+ */
+ if ((uintptr_t)data % 4 == 0) {
+ while (len >= SHA512_BLOCK_LENGTH) {
+ SHA512_Transform(context, (const sha2_word64*)data);
+ ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
+ len -= SHA512_BLOCK_LENGTH;
+ data += SHA512_BLOCK_LENGTH;
+ }
+ } else {
+ while (len >= SHA512_BLOCK_LENGTH) {
+ memcpy(context->buffer, data, SHA512_BLOCK_LENGTH);
+ SHA512_Transform(context, (const sha2_word64*)context->buffer);
+ ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
+ len -= SHA512_BLOCK_LENGTH;
+ data += SHA512_BLOCK_LENGTH;
+ }
}
if (len > 0) {
/* There's left-overs, so save 'em */
Home |
Main Index |
Thread Index |
Old Index