[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Thu Jul 12 17:36:40 UTC 2018


The branch master has been updated
       via  03a5e5ae6304c75f611d3613bedf2019524ff0d6 (commit)
      from  71883868ea5b33416ae8283bcc38dd2d97e5006b (commit)


- Log -----------------------------------------------------------------
commit 03a5e5ae6304c75f611d3613bedf2019524ff0d6
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date:   Thu Jul 12 13:19:07 2018 -0400

    Fix undefined behavior in s390x aes-gcm/ccm
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Andy Polyakov <appro at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/e_aes.c | 40 +++++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 19 deletions(-)

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index eb37b4b..0add393 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -144,6 +144,22 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
                      const unsigned char iv[16]);
 #endif
 
+/* increment counter (64-bit int) by 1 */
+static void ctr64_inc(unsigned char *counter)
+{
+    int n = 8;
+    unsigned char c;
+
+    do {
+        --n;
+        c = counter[n];
+        ++c;
+        counter[n] = c;
+        if (c)
+            return;
+    } while (n);
+}
+
 #if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
 # include "ppc_arch.h"
 # ifdef VPAES_ASM
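Review bot: The comment on `ctr64_inc` does not state the byte order of the counter or that it writes through an 8-byte window, and the new s390x call site depends on both. The loop starts at `counter[7]` and carries towards `counter[0]`, so the value is big-endian, and it wraps to zero with no indication when all eight bytes are 0xff. Suggest `/* Increment the 8-byte big-endian counter at |counter| by 1, byte by byte (no alignment requirement); wraps to zero silently. */`. The body is otherwise moved unchanged from further down the file.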
@@ -1654,7 +1670,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
          * Invocation field will be at least 8 bytes in size and so no need
          * to check wrap around or increment more than last 8 bytes.
          */
-        (*(unsigned long long *)(gctx->iv + gctx->ivlen - 8))++;
+        ctr64_inc(gctx->iv + gctx->ivlen - 8);
         gctx->iv_set = 1;
         return 1;
 
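Review bot: `ctr64_inc(gctx->iv + gctx->ivlen - 8)` always reads and writes eight bytes, so it stays inside the IV buffer only when `gctx->ivlen` is at least 8. The context comment asserts this, but the check that enforces it is not in this hunk, and the body of s390x_aes_gcm_ctrl starts and ends outside it. Presumably the bound is enforced when the fixed IV part is set. Extending the comment to name that place would make the precondition auditable, for example `/* ivlen >= 8 is enforced in <ctrl case that validates the IV length> */`.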
@@ -2291,7 +2307,7 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         memcpy(buf, ptr, arg);
         cctx->aes.ccm.tls_aad_len = arg;
 
-        len = *(uint16_t *)(buf + arg - 2);
+        len = buf[arg - 2] << 8 | buf[arg - 1];
         if (len < EVP_CCM_TLS_EXPLICIT_IV_LEN)
             return 0;
 
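Review bot: `len = buf[arg - 2] << 8 | buf[arg - 1];` is in bounds only when `arg` is at least 2 and no larger than the capacity of `buf`, which the `memcpy(buf, ptr, arg)` just above also depends on. The validation of `arg` is not visible in this hunk, and the function body starts and ends outside it; presumably an earlier check pins `arg` to the TLS AAD length, which is worth confirming. The expression also assumes `buf` is `unsigned char *` (declared outside the hunk), since a plain `char` could be sign-extended before the shift. For readability I would write `len = (buf[arg - 2] << 8) | buf[arg - 1];` and add `/* TLS record length, big-endian */`.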
@@ -2307,7 +2323,9 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             len -= cctx->aes.ccm.m;
         }
 
-        *(uint16_t *)(buf + arg - 2) = len;
+        buf[arg - 2] = len >> 8;
+        buf[arg - 1] = len & 0xff;
+
         /* Extra padding: tag appended to record. */
         return cctx->aes.ccm.m;
 
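Review bot: The two stores truncate `len` differently: `buf[arg - 1] = len & 0xff;` masks explicitly, while `buf[arg - 2] = len >> 8;` relies on implicit narrowing at the assignment. Writing `buf[arg - 2] = (len >> 8) & 0xff;` makes the intent explicit and avoids conversion warnings. The `len -= cctx->aes.ccm.m;` above is safe only if `len` was compared against the tag length first, and that check is outside this hunk. If `len` is a signed type and could go negative, `len >> 8` would be implementation-defined, so the guard is worth confirming.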
@@ -2791,22 +2809,6 @@ static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
     return 1;
 }
 
-/* increment counter (64-bit int) by 1 */
-static void ctr64_inc(unsigned char *counter)
-{
-    int n = 8;
-    unsigned char c;
-
-    do {
-        --n;
-        c = counter[n];
-        ++c;
-        counter[n] = c;
-        if (c)
-            return;
-    } while (n);
-}
-
 static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 {
     EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,c);

