fix rabbit and hc128 CTaoCrypt test buffers for aligned access only, allow TLS on intel w/o aligned stream buffers, otherwise align

2025-07-31 19:24:42 +02:00 · 2013-01-07 14:06:58 -08:00
parent f3a0d311a0
commit eeb11a6e51
4 changed files with 61 additions and 20 deletions
--- a/ctaocrypt/test/test.c
+++ b/ctaocrypt/test/test.c
@@ -1194,11 +1194,16 @@ int hc128_test(void)
        HC128 enc;
        HC128 dec;

-        Hc128_SetKey(&enc, (byte*)keys[i], (byte*)ivs[i]);
-        Hc128_SetKey(&dec, (byte*)keys[i], (byte*)ivs[i]);
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16); 
+        memcpy(cipher, ivs[i],  16); 

-        Hc128_Process(&enc, cipher, (byte*)test_hc128[i].input,
-                    (word32)test_hc128[i].outLen);
+        Hc128_SetKey(&enc, plain, cipher);
+        Hc128_SetKey(&dec, plain, cipher);
+
+        /* align input */
+        memcpy(plain, test_hc128[i].input, test_hc128[i].outLen);
+        Hc128_Process(&enc, cipher, plain,  (word32)test_hc128[i].outLen);
        Hc128_Process(&dec, plain,  cipher, (word32)test_hc128[i].outLen);

        if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen))
@@ -1219,22 +1224,17 @@ int rabbit_test(void)
    byte cipher[16];
    byte plain[16];

-    const char* keys[] =   /* align with 3 extra bytes cause null is added */
+    const char* keys[] = 
    {           
-        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
-            "\x00\x00\x00",
-        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
-            "\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
        "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
-            "\x00\x00\x00"
    };

-    const char* ivs[] = /* align with 3 extra bytes casue null is added */
+    const char* ivs[] =
    {
-        "\x00\x00\x00\x00\x00\x00\x00\x00"
-            "\x00\x00\x00",
-        "\x59\x7E\x26\xC1\x75\xF5\x73\xC3"
-            "\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
        0
    };

@@ -1265,12 +1265,21 @@ int rabbit_test(void)
    for (i = 0; i < times; ++i) {
        Rabbit enc;
        Rabbit dec;
+        byte*  iv;

-        RabbitSetKey(&enc, (byte*)keys[i], (byte*)ivs[i]);
-        RabbitSetKey(&dec, (byte*)keys[i], (byte*)ivs[i]);
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        if (ivs[i]) {
+            memcpy(cipher, ivs[i],   8);
+            iv = cipher;
+        } else
+            iv = NULL;
+        RabbitSetKey(&enc, plain, iv);
+        RabbitSetKey(&dec, plain, iv);

-        RabbitProcess(&enc, cipher, (byte*)test_rabbit[i].input,
-                    (word32)test_rabbit[i].outLen);
+        /* align input */
+        memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen);
+        RabbitProcess(&enc, cipher, plain,  (word32)test_rabbit[i].outLen);
        RabbitProcess(&dec, plain,  cipher, (word32)test_rabbit[i].outLen);

        if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen))
--- a/cyassl/ctaocrypt/settings.h
+++ b/cyassl/ctaocrypt/settings.h
@@ -72,6 +72,13 @@

 #include <cyassl/ctaocrypt/visibility.h>

+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+    #define NO_XSTREAM_ALIGNMENT
+#else
+    #define XSTREAM_ALIGNMENT
+#endif
+
 #ifdef IPHONE
    #define SIZEOF_LONG_LONG 8
 #endif
--- a/cyassl/ctaocrypt/types.h
+++ b/cyassl/ctaocrypt/types.h
@@ -227,7 +227,8 @@ enum {
    DYNAMIC_TYPE_DTLS_POOL    = 34,
    DYNAMIC_TYPE_SOCKADDR     = 35,
    DYNAMIC_TYPE_LIBZ         = 36,
-    DYNAMIC_TYPE_ECC          = 37
+    DYNAMIC_TYPE_ECC          = 37,
+    DYNAMIC_TYPE_TMP_BUFFER   = 38
 };

 /* stack protection */
--- a/src/internal.c
+++ b/src/internal.c
@@ -3000,12 +3000,36 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)

        #ifdef HAVE_HC128
            case hc128:
+                #ifdef XSTREAM_ALIGNMENT
+                if ((word)input % 4) {
+                    byte* tmp = (byte*)XMALLOC(sz, ssl->heap,
+                                               DYNAMIC_TYPE_TMP_BUFFER);
+                    if (tmp == NULL) return MEMORY_E;
+                    XMEMCPY(tmp, input, sz);
+                    Hc128_Process(ssl->encrypt.hc128, tmp, tmp, sz);
+                    XMEMCPY(out, tmp, sz);
+                    XFREE(tmp, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+                    break;
+                }
+                #endif
                Hc128_Process(ssl->encrypt.hc128, out, input, sz);
                break;
        #endif

        #ifdef BUILD_RABBIT
            case rabbit:
+                #ifdef XSTREAM_ALIGNMENT
+                if ((word)input % 4) {
+                    byte* tmp = (byte*)XMALLOC(sz, ssl->heap,
+                                               DYNAMIC_TYPE_TMP_BUFFER);
+                    if (tmp == NULL) return MEMORY_E;
+                    XMEMCPY(tmp, input, sz);
+                    RabbitProcess(ssl->encrypt.rabbit, tmp, tmp, sz);
+                    XMEMCPY(out, tmp, sz);
+                    XFREE(tmp, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+                    break;
+                }
+                #endif
                RabbitProcess(ssl->encrypt.rabbit, out, input, sz);
                break;
        #endif