src - FreeBSD source tree

diff options


context:
space:
mode:

author	Jung-uk Kim <jkim@FreeBSD.org>	2020-09-22 14:27:08 +0000
committer	Jung-uk Kim <jkim@FreeBSD.org>	2020-09-22 14:27:08 +0000
commit	92f02b3b0f21350e7c92a16ca9b594ad7682c717 (patch)
tree	00444fe1520f87a0f22770b5c0be936737fb2179 /crypto/modes
parent	65aa3028e51cba07879f3dc4608949c5c6b9fcc0 (diff)
download	src-92f02b3b0f21350e7c92a16ca9b594ad7682c717.tar.gz src-92f02b3b0f21350e7c92a16ca9b594ad7682c717.zip

Import OpenSSL 1.1.1h.vendor/openssl/1.1.1h

Notes

Notes: svn path=/vendor-crypto/openssl/dist/; revision=365997 svn path=/vendor-crypto/openssl/1.1.1h/; revision=365998; tag=vendor/openssl/1.1.1h

Diffstat (limited to 'crypto/modes')

-rwxr-xr-x

crypto/modes/asm/aesni-gcm-x86_64.pl

-rwxr-xr-x

crypto/modes/asm/ghash-x86_64.pl

-rw-r--r--

crypto/modes/cbc128.c

-rw-r--r--

crypto/modes/ccm128.c

-rw-r--r--

crypto/modes/cfb128.c

-rw-r--r--

crypto/modes/ctr128.c

-rw-r--r--

crypto/modes/gcm128.c

-rw-r--r--

crypto/modes/modes_local.h

-rw-r--r--

crypto/modes/ofb128.c

-rw-r--r--

crypto/modes/xts128.c

10 files changed, 111 insertions, 48 deletions

diff --git a/crypto/modes/asm/aesni-gcm-x86_64.pl b/crypto/modes/asm/aesni-gcm-x86_64.pl
index 959efedb0de7..60f03e4fe25b 100755
--- a/crypto/modes/asm/aesni-gcm-x86_64.pl
+++ b/crypto/modes/asm/aesni-gcm-x86_64.pl

@@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&

$avx = ($1>=10) + ($1>=11);

}

-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {

+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {

$avx = ($2>=3.0) + ($2>3.0);

}

diff --git a/crypto/modes/asm/ghash-x86_64.pl b/crypto/modes/asm/ghash-x86_64.pl
index 0a0bfd575cee..9bdba41d1de5 100755
--- a/crypto/modes/asm/ghash-x86_64.pl
+++ b/crypto/modes/asm/ghash-x86_64.pl

@@ -116,7 +116,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&

$avx = ($1>=10) + ($1>=11);

}

-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {

+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {

$avx = ($2>=3.0) + ($2>3.0);

}

diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c
index fc7e0b60510b..c85e37c6a546 100644
--- a/crypto/modes/cbc128.c
+++ b/crypto/modes/cbc128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -15,6 +15,12 @@

# define STRICT_ALIGNMENT 0

#endif

+#if defined(__GNUC__) && !STRICT_ALIGNMENT

+typedef size_t size_t_aX __attribute((__aligned__(1)));

+#else

+typedef size_t size_t_aX;

+#endif

void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,

size_t len, const void *key,

unsigned char ivec[16], block128_f block)

@@ -40,8 +46,8 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,

} else {

while (len >= 16) {

for (n = 0; n < 16; n += sizeof(size_t))

- *(size_t *)(out + n) =

- *(size_t *)(in + n) ^ *(size_t *)(iv + n);

+ *(size_t_aX *)(out + n) =

+ *(size_t_aX *)(in + n) ^ *(size_t_aX *)(iv + n);

(*block) (out, out, key);

iv = out;

len -= 16;

@@ -96,7 +102,8 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,

}

} else if (16 % sizeof(size_t) == 0) { /* always true */

while (len >= 16) {

- size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv;

+ size_t_aX *out_t = (size_t_aX *)out;

+ size_t_aX *iv_t = (size_t_aX *)iv;

(*block) (in, out, key);

for (n = 0; n < 16 / sizeof(size_t); n++)

@@ -125,8 +132,10 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,

}

} else if (16 % sizeof(size_t) == 0) { /* always true */

while (len >= 16) {

- size_t c, *out_t = (size_t *)out, *ivec_t = (size_t *)ivec;

- const size_t *in_t = (const size_t *)in;

+ size_t c;

+ size_t_aX *out_t = (size_t_aX *)out;

+ size_t_aX *ivec_t = (size_t_aX *)ivec;

+ const size_t_aX *in_t = (const size_t_aX *)in;

(*block) (in, tmp.c, key);

for (n = 0; n < 16 / sizeof(size_t); n++) {

diff --git a/crypto/modes/ccm128.c b/crypto/modes/ccm128.c
index 424722811c16..655b10350201 100644
--- a/crypto/modes/ccm128.c
+++ b/crypto/modes/ccm128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,6 +11,14 @@

#include "modes_local.h"

#include <string.h>

+#ifndef STRICT_ALIGNMENT

+# ifdef __GNUC__

+typedef u64 u64_a1 __attribute((__aligned__(1)));

+# else

+typedef u64 u64_a1;

+# endif

+#endif

* First you setup M and L parameters and pass the key schedule. This is

* called once per session setup...

@@ -170,8 +178,8 @@ int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,

ctx->cmac.u[0] ^= temp.u[0];

ctx->cmac.u[1] ^= temp.u[1];

#else

- ctx->cmac.u[0] ^= ((u64 *)inp)[0];

- ctx->cmac.u[1] ^= ((u64 *)inp)[1];

+ ctx->cmac.u[0] ^= ((u64_a1 *)inp)[0];

+ ctx->cmac.u[1] ^= ((u64_a1 *)inp)[1];

#endif

(*block) (ctx->cmac.c, ctx->cmac.c, key);

(*block) (ctx->nonce.c, scratch.c, key);

@@ -181,8 +189,8 @@ int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,

temp.u[1] ^= scratch.u[1];

memcpy(out, temp.c, 16);

#else

- ((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0];

- ((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1];

+ ((u64_a1 *)out)[0] = scratch.u[0] ^ ((u64_a1 *)inp)[0];

+ ((u64_a1 *)out)[1] = scratch.u[1] ^ ((u64_a1 *)inp)[1];

#endif

inp += 16;

out += 16;

@@ -254,8 +262,10 @@ int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,

ctx->cmac.u[1] ^= (scratch.u[1] ^= temp.u[1]);

memcpy(out, scratch.c, 16);

#else

- ctx->cmac.u[0] ^= (((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0]);

- ctx->cmac.u[1] ^= (((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1]);

+ ctx->cmac.u[0] ^= (((u64_a1 *)out)[0]

+ = scratch.u[0] ^ ((u64_a1 *)inp)[0]);

+ ctx->cmac.u[1] ^= (((u64_a1 *)out)[1]

+ = scratch.u[1] ^ ((u64_a1 *)inp)[1]);

#endif

(*block) (ctx->cmac.c, ctx->cmac.c, key);

diff --git a/crypto/modes/cfb128.c b/crypto/modes/cfb128.c
index b6bec414a966..b2530007b6e4 100644
--- a/crypto/modes/cfb128.c
+++ b/crypto/modes/cfb128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,6 +11,12 @@

#include "modes_local.h"

#include <string.h>

+#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)

+typedef size_t size_t_aX __attribute((__aligned__(1)));

+#else

+typedef size_t size_t_aX;

+#endif

* The input and output encrypted as though 128bit cfb mode is being used.

* The extra state information to record how much of the 128bit block we have

@@ -43,8 +49,9 @@ void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,

while (len >= 16) {

(*block) (ivec, ivec, key);

for (; n < 16; n += sizeof(size_t)) {

- *(size_t *)(out + n) =

- *(size_t *)(ivec + n) ^= *(size_t *)(in + n);

+ *(size_t_aX *)(out + n) =

+ *(size_t_aX *)(ivec + n)

+ ^= *(size_t_aX *)(in + n);

}

len -= 16;

out += 16;

@@ -92,9 +99,10 @@ void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,

while (len >= 16) {

(*block) (ivec, ivec, key);

for (; n < 16; n += sizeof(size_t)) {

- size_t t = *(size_t *)(in + n);

- *(size_t *)(out + n) = *(size_t *)(ivec + n) ^ t;

- *(size_t *)(ivec + n) = t;

+ size_t t = *(size_t_aX *)(in + n);

+ *(size_t_aX *)(out + n)

+ = *(size_t_aX *)(ivec + n) ^ t;

+ *(size_t_aX *)(ivec + n) = t;

}

len -= 16;

out += 16;

diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c
index ae35116e9524..1ed7decedfd3 100644
--- a/crypto/modes/ctr128.c
+++ b/crypto/modes/ctr128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,6 +11,12 @@

#include "modes_local.h"

#include <string.h>

+#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)

+typedef size_t size_t_aX __attribute((__aligned__(1)));

+#else

+typedef size_t size_t_aX;

+#endif

* NOTE: the IV/counter CTR mode is big-endian. The code itself is

* endian-neutral.

@@ -97,8 +103,9 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,

(*block) (ivec, ecount_buf, key);

ctr128_inc_aligned(ivec);

for (n = 0; n < 16; n += sizeof(size_t))

- *(size_t *)(out + n) =

- *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);

+ *(size_t_aX *)(out + n) =

+ *(size_t_aX *)(in + n)

+ ^ *(size_t_aX *)(ecount_buf + n);

len -= 16;

out += 16;

in += 16;

diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c
index 48775e6d05ff..0c0bf3cda5b5 100644
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,6 +11,12 @@

#include "modes_local.h"

#include <string.h>

+#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)

+typedef size_t size_t_aX __attribute((__aligned__(1)));

+#else

+typedef size_t size_t_aX;

+#endif

#if defined(BSWAP4) && defined(STRICT_ALIGNMENT)

/* redefine, because alignment is ensured */

# undef GETU32

@@ -1080,8 +1086,8 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,

size_t j = GHASH_CHUNK;

while (j) {

- size_t *out_t = (size_t *)out;

- const size_t *in_t = (const size_t *)in;

+ size_t_aX *out_t = (size_t_aX *)out;

+ const size_t_aX *in_t = (const size_t_aX *)in;

(*block) (ctx->Yi.c, ctx->EKi.c, key);

++ctr;

@@ -1107,8 +1113,8 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,

size_t j = i;

while (len >= 16) {

- size_t *out_t = (size_t *)out;

- const size_t *in_t = (const size_t *)in;

+ size_t_aX *out_t = (size_t_aX *)out;

+ const size_t_aX *in_t = (const size_t_aX *)in;

(*block) (ctx->Yi.c, ctx->EKi.c, key);

++ctr;

@@ -1318,8 +1324,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,

GHASH(ctx, in, GHASH_CHUNK);

while (j) {

- size_t *out_t = (size_t *)out;

- const size_t *in_t = (const size_t *)in;

+ size_t_aX *out_t = (size_t_aX *)out;

+ const size_t_aX *in_t = (const size_t_aX *)in;

(*block) (ctx->Yi.c, ctx->EKi.c, key);

++ctr;

@@ -1343,8 +1349,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,

if ((i = (len & (size_t)-16))) {

GHASH(ctx, in, i);

while (len >= 16) {

- size_t *out_t = (size_t *)out;

- const size_t *in_t = (const size_t *)in;

+ size_t_aX *out_t = (size_t_aX *)out;

+ const size_t_aX *in_t = (const size_t_aX *)in;

(*block) (ctx->Yi.c, ctx->EKi.c, key);

++ctr;

diff --git a/crypto/modes/modes_local.h b/crypto/modes/modes_local.h
index f2ae01d11afd..28c32c0643f4 100644
--- a/crypto/modes/modes_local.h
+++ b/crypto/modes/modes_local.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -37,6 +37,14 @@ typedef unsigned char u8;

# endif

#endif

+#ifndef STRICT_ALIGNMENT

+# ifdef __GNUC__

+typedef u32 u32_a1 __attribute((__aligned__(1)));

+# else

+typedef u32 u32_a1;

+# endif

+#endif

#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)

# if defined(__GNUC__) && __GNUC__>=2

# if defined(__x86_64) || defined(__x86_64__)

@@ -86,8 +94,8 @@ _asm mov eax, val _asm bswap eax}

# endif

#endif

#if defined(BSWAP4) && !defined(STRICT_ALIGNMENT)

-# define GETU32(p) BSWAP4(*(const u32 *)(p))

-# define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)

+# define GETU32(p) BSWAP4(*(const u32_a1 *)(p))

+# define PUTU32(p,v) *(u32_a1 *)(p) = BSWAP4(v)

#else

# define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])

# define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))

diff --git a/crypto/modes/ofb128.c b/crypto/modes/ofb128.c
index 44bdf888db1a..a3469712b2de 100644
--- a/crypto/modes/ofb128.c
+++ b/crypto/modes/ofb128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,6 +11,12 @@

#include "modes_local.h"

#include <string.h>

+#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)

+typedef size_t size_t_aX __attribute((__aligned__(1)));

+#else

+typedef size_t size_t_aX;

+#endif

* The input and output encrypted as though 128bit ofb mode is being used.

* The extra state information to record how much of the 128bit block we have

@@ -41,8 +47,9 @@ void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,

while (len >= 16) {

(*block) (ivec, ivec, key);

for (; n < 16; n += sizeof(size_t))

- *(size_t *)(out + n) =

- *(size_t *)(in + n) ^ *(size_t *)(ivec + n);

+ *(size_t_aX *)(out + n) =

+ *(size_t_aX *)(in + n)

+ ^ *(size_t_aX *)(ivec + n);

len -= 16;

out += 16;

in += 16;

diff --git a/crypto/modes/xts128.c b/crypto/modes/xts128.c
index b5bda5e6402d..fe1626c62e10 100644
--- a/crypto/modes/xts128.c
+++ b/crypto/modes/xts128.c

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,6 +11,14 @@

#include "modes_local.h"

#include <string.h>

+#ifndef STRICT_ALIGNMENT

+# ifdef __GNUC__

+typedef u64 u64_a1 __attribute((__aligned__(1)));

+# else

+typedef u64 u64_a1;

+# endif

+#endif

int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,

const unsigned char iv[16],

const unsigned char *inp, unsigned char *out,

@@ -45,8 +53,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,

scratch.u[0] ^= tweak.u[0];

scratch.u[1] ^= tweak.u[1];

#else

- scratch.u[0] = ((u64 *)inp)[0] ^ tweak.u[0];

- scratch.u[1] = ((u64 *)inp)[1] ^ tweak.u[1];

+ scratch.u[0] = ((u64_a1 *)inp)[0] ^ tweak.u[0];

+ scratch.u[1] = ((u64_a1 *)inp)[1] ^ tweak.u[1];

#endif

(*ctx->block1) (scratch.c, scratch.c, ctx->key1);

#if defined(STRICT_ALIGNMENT)

@@ -54,8 +62,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,

scratch.u[1] ^= tweak.u[1];

memcpy(out, scratch.c, 16);

#else

- ((u64 *)out)[0] = scratch.u[0] ^= tweak.u[0];

- ((u64 *)out)[1] = scratch.u[1] ^= tweak.u[1];

+ ((u64_a1 *)out)[0] = scratch.u[0] ^= tweak.u[0];

+ ((u64_a1 *)out)[1] = scratch.u[1] ^= tweak.u[1];

#endif

inp += 16;

out += 16;

@@ -128,8 +136,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,

scratch.u[0] ^= tweak1.u[0];

scratch.u[1] ^= tweak1.u[1];

#else

- scratch.u[0] = ((u64 *)inp)[0] ^ tweak1.u[0];

- scratch.u[1] = ((u64 *)inp)[1] ^ tweak1.u[1];

+ scratch.u[0] = ((u64_a1 *)inp)[0] ^ tweak1.u[0];

+ scratch.u[1] = ((u64_a1 *)inp)[1] ^ tweak1.u[1];

#endif

(*ctx->block1) (scratch.c, scratch.c, ctx->key1);

scratch.u[0] ^= tweak1.u[0];

@@ -148,8 +156,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,

scratch.u[1] ^= tweak.u[1];

memcpy(out, scratch.c, 16);

#else

- ((u64 *)out)[0] = scratch.u[0] ^ tweak.u[0];

- ((u64 *)out)[1] = scratch.u[1] ^ tweak.u[1];

+ ((u64_a1 *)out)[0] = scratch.u[0] ^ tweak.u[0];

+ ((u64_a1 *)out)[1] = scratch.u[1] ^ tweak.u[1];

#endif

}