ref: b8024d53e77374d4a5b7868aa17cac3f11c33581
parent: 77ede9e4db21892f1c5bebc4def2c8c1c569f5cd
author: Samuel Neves <sneves@dei.uc.pt>
date: Wed Aug 6 07:33:19 EDT 2014
Check for overflow of outlen in blake2{s,b}_final
Fix warnings with -Wcast-qual
Fix blake2{sp,bp}_final's return value
--- a/ref/blake2-impl.h
+++ b/ref/blake2-impl.h
@@ -19,9 +19,11 @@
static inline uint32_t load32( const void *src )
{#if defined(NATIVE_LITTLE_ENDIAN)
- return *( uint32_t * )( src );
+ uint32_t w;
+ memcpy(&w, src, sizeof w);
+ return w;
#else
- const uint8_t *p = ( uint8_t * )src;
+ const uint8_t *p = ( const uint8_t * )src;
uint32_t w = *p++;
w |= ( uint32_t )( *p++ ) << 8;
w |= ( uint32_t )( *p++ ) << 16;
@@ -33,9 +35,11 @@
static inline uint64_t load64( const void *src )
{#if defined(NATIVE_LITTLE_ENDIAN)
- return *( uint64_t * )( src );
+ uint64_t w;
+ memcpy(&w, src, sizeof w);
+ return w;
#else
- const uint8_t *p = ( uint8_t * )src;
+ const uint8_t *p = ( const uint8_t * )src;
uint64_t w = *p++;
w |= ( uint64_t )( *p++ ) << 8;
w |= ( uint64_t )( *p++ ) << 16;
@@ -51,7 +55,7 @@
static inline void store32( void *dst, uint32_t w )
{#if defined(NATIVE_LITTLE_ENDIAN)
- *( uint32_t * )( dst ) = w;
+ memcpy(dst, &w, sizeof w);
#else
uint8_t *p = ( uint8_t * )dst;
*p++ = ( uint8_t )w; w >>= 8;
@@ -64,7 +68,7 @@
static inline void store64( void *dst, uint64_t w )
{#if defined(NATIVE_LITTLE_ENDIAN)
- *( uint64_t * )( dst ) = w;
+ memcpy(dst, &w, sizeof w);
#else
uint8_t *p = ( uint8_t * )dst;
*p++ = ( uint8_t )w; w >>= 8;
@@ -125,7 +129,6 @@
static inline void secure_zero_memory( void *v, size_t n )
{volatile uint8_t *p = ( volatile uint8_t * )v;
-
while( n-- ) *p++ = 0;
}
--- a/ref/blake2b-ref.c
+++ b/ref/blake2b-ref.c
@@ -149,7 +149,7 @@
int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
{blake2b_init0( S );
- uint8_t *p = ( uint8_t * )( P );
+ const uint8_t *p = ( const uint8_t * )( P );
/* IV XOR ParamBlock */
for( size_t i = 0; i < 8; ++i )
@@ -310,8 +310,11 @@
/* Is this correct? */
int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen )
{- uint8_t buffer[BLAKE2B_OUTBYTES];
+ uint8_t buffer[BLAKE2B_OUTBYTES] = {0};+ if( outlen > BLAKE2B_OUTBYTES )
+ return -1;
+
if( S->buflen > BLAKE2B_BLOCKBYTES )
{blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
@@ -353,7 +356,7 @@
if( blake2b_init( S, outlen ) < 0 ) return -1;
}
- blake2b_update( S, ( uint8_t * )in, inlen );
+ blake2b_update( S, ( const uint8_t * )in, inlen );
blake2b_final( S, out, outlen );
return 0;
}
--- a/ref/blake2bp-ref.c
+++ b/ref/blake2bp-ref.c
@@ -179,8 +179,8 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2b_update( S->R, hash[i], BLAKE2B_OUTBYTES );
- blake2b_final( S->R, out, outlen );
- return 0;
+
+ return blake2b_final( S->R, out, outlen );
}
int blake2bp( uint8_t *out, const void *in, const void *key, uint8_t outlen, uint64_t inlen, uint8_t keylen )
@@ -252,8 +252,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2b_update( FS, hash[i], BLAKE2B_OUTBYTES );
- blake2b_final( FS, out, outlen );
- return 0;
+ return blake2b_final( FS, out, outlen );;
}
#if defined(BLAKE2BP_SELFTEST)
--- a/ref/blake2s-ref.c
+++ b/ref/blake2s-ref.c
@@ -142,7 +142,7 @@
int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
{blake2s_init0( S );
- uint32_t *p = ( uint32_t * )( P );
+ const uint32_t *p = ( const uint32_t * )( P );
/* IV XOR ParamBlock */
for( size_t i = 0; i < 8; ++i )
@@ -299,8 +299,11 @@
int blake2s_final( blake2s_state *S, uint8_t *out, uint8_t outlen )
{- uint8_t buffer[BLAKE2S_OUTBYTES];
+ uint8_t buffer[BLAKE2S_OUTBYTES] = {0};+ if( outlen > BLAKE2S_OUTBYTES )
+ return -1;
+
if( S->buflen > BLAKE2S_BLOCKBYTES )
{blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
@@ -316,7 +319,7 @@
for( int i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
store32( buffer + sizeof( S->h[i] ) * i, S->h[i] );
-
+
memcpy( out, buffer, outlen );
return 0;
}
@@ -341,7 +344,7 @@
if( blake2s_init( S, outlen ) < 0 ) return -1;
}
- blake2s_update( S, ( uint8_t * )in, inlen );
+ blake2s_update( S, ( const uint8_t * )in, inlen );
blake2s_final( S, out, outlen );
return 0;
}
--- a/ref/blake2sp-ref.c
+++ b/ref/blake2sp-ref.c
@@ -177,8 +177,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2s_update( S->R, hash[i], BLAKE2S_OUTBYTES );
- blake2s_final( S->R, out, outlen );
- return 0;
+ return blake2s_final( S->R, out, outlen );
}
@@ -251,8 +250,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2s_update( FS, hash[i], BLAKE2S_OUTBYTES );
- blake2s_final( FS, out, outlen );
- return 0;
+ return blake2s_final( FS, out, outlen );
}
--- a/sse/blake2-impl.h
+++ b/sse/blake2-impl.h
@@ -19,9 +19,11 @@
static inline uint32_t load32( const void *src )
{#if defined(NATIVE_LITTLE_ENDIAN)
- return *( uint32_t * )( src );
+ uint32_t w;
+ memcpy(&w, src, sizeof w);
+ return w;
#else
- const uint8_t *p = ( uint8_t * )src;
+ const uint8_t *p = ( const uint8_t * )src;
uint32_t w = *p++;
w |= ( uint32_t )( *p++ ) << 8;
w |= ( uint32_t )( *p++ ) << 16;
@@ -33,9 +35,11 @@
static inline uint64_t load64( const void *src )
{#if defined(NATIVE_LITTLE_ENDIAN)
- return *( uint64_t * )( src );
+ uint64_t w;
+ memcpy(&w, src, sizeof w);
+ return w;
#else
- const uint8_t *p = ( uint8_t * )src;
+ const uint8_t *p = ( const uint8_t * )src;
uint64_t w = *p++;
w |= ( uint64_t )( *p++ ) << 8;
w |= ( uint64_t )( *p++ ) << 16;
@@ -51,7 +55,7 @@
static inline void store32( void *dst, uint32_t w )
{#if defined(NATIVE_LITTLE_ENDIAN)
- *( uint32_t * )( dst ) = w;
+ memcpy(dst, &w, sizeof w);
#else
uint8_t *p = ( uint8_t * )dst;
*p++ = ( uint8_t )w; w >>= 8;
@@ -64,7 +68,7 @@
static inline void store64( void *dst, uint64_t w )
{#if defined(NATIVE_LITTLE_ENDIAN)
- *( uint64_t * )( dst ) = w;
+ memcpy(dst, &w, sizeof w);
#else
uint8_t *p = ( uint8_t * )dst;
*p++ = ( uint8_t )w; w >>= 8;
@@ -125,7 +129,6 @@
static inline void secure_zero_memory( void *v, size_t n )
{volatile uint8_t *p = ( volatile uint8_t * )v;
-
while( n-- ) *p++ = 0;
}
--- a/sse/blake2b-round.h
+++ b/sse/blake2b-round.h
@@ -14,10 +14,10 @@
#ifndef __BLAKE2B_ROUND_H__
#define __BLAKE2B_ROUND_H__
-#define LOAD(p) _mm_load_si128( (__m128i *)(p) )
+#define LOAD(p) _mm_load_si128( (const __m128i *)(p) )
#define STORE(p,r) _mm_store_si128((__m128i *)(p), r)
-#define LOADU(p) _mm_loadu_si128( (__m128i *)(p) )
+#define LOADU(p) _mm_loadu_si128( (const __m128i *)(p) )
#define STOREU(p,r) _mm_storeu_si128((__m128i *)(p), r)
#define TOF(reg) _mm_castsi128_ps((reg))
--- a/sse/blake2b.c
+++ b/sse/blake2b.c
@@ -175,11 +175,10 @@
/* init xors IV with input parameter block */
int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
{- uint8_t *p, *h, *v;
//blake2b_init0( S );
- v = ( uint8_t * )( blake2b_IV );
- h = ( uint8_t * )( S->h );
- p = ( uint8_t * )( P );
+ const uint8_t * v = ( const uint8_t * )( blake2b_IV );
+ const uint8_t * p = ( const uint8_t * )( P );
+ uint8_t * h = ( uint8_t * )( S->h );
/* IV XOR ParamBlock */
memset( S, 0, sizeof( blake2b_state ) );
@@ -349,6 +348,9 @@
int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen )
{+ if( outlen > BLAKE2B_OUTBYTES )
+ return -1;
+
if( S->buflen > BLAKE2B_BLOCKBYTES )
{blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
@@ -386,7 +388,7 @@
if( blake2b_init( S, outlen ) < 0 ) return -1;
}
- blake2b_update( S, ( uint8_t * )in, inlen );
+ blake2b_update( S, ( const uint8_t * )in, inlen );
blake2b_final( S, out, outlen );
return 0;
}
--- a/sse/blake2bp.c
+++ b/sse/blake2bp.c
@@ -181,8 +181,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2b_update( S->R, hash[i], BLAKE2B_OUTBYTES );
- blake2b_final( S->R, out, outlen );
- return 0;
+ return blake2b_final( S->R, out, outlen );
}
int blake2bp( uint8_t *out, const void *in, const void *key, uint8_t outlen, uint64_t inlen, uint8_t keylen )
@@ -254,8 +253,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2b_update( FS, hash[i], BLAKE2B_OUTBYTES );
- blake2b_final( FS, out, outlen );
- return 0;
+ return blake2b_final( FS, out, outlen );
}
--- a/sse/blake2s-round.h
+++ b/sse/blake2s-round.h
@@ -14,10 +14,10 @@
#ifndef __BLAKE2S_ROUND_H__
#define __BLAKE2S_ROUND_H__
-#define LOAD(p) _mm_load_si128( (__m128i *)(p) )
+#define LOAD(p) _mm_load_si128( (const __m128i *)(p) )
#define STORE(p,r) _mm_store_si128((__m128i *)(p), r)
-#define LOADU(p) _mm_loadu_si128( (__m128i *)(p) )
+#define LOADU(p) _mm_loadu_si128( (const __m128i *)(p) )
#define STOREU(p,r) _mm_storeu_si128((__m128i *)(p), r)
#define TOF(reg) _mm_castsi128_ps((reg))
--- a/sse/blake2s.c
+++ b/sse/blake2s.c
@@ -164,11 +164,10 @@
/* init2 xors IV with input parameter block */
int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
{- uint8_t *p, *h, *v;
//blake2s_init0( S );
- v = ( uint8_t * )( blake2s_IV );
- h = ( uint8_t * )( S->h );
- p = ( uint8_t * )( P );
+ const uint8_t * v = ( const uint8_t * )( blake2s_IV );
+ const uint8_t * p = ( const uint8_t * )( P );
+ uint8_t * h = ( uint8_t * )( S->h );
/* IV XOR ParamBlock */
memset( S, 0, sizeof( blake2s_state ) );
@@ -327,8 +326,11 @@
/* Is this correct? */
int blake2s_final( blake2s_state *S, uint8_t *out, uint8_t outlen )
{- uint8_t buffer[BLAKE2S_OUTBYTES];
+ uint8_t buffer[BLAKE2S_OUTBYTES] = {0};+ if( outlen > BLAKE2S_OUTBYTES )
+ return -1;
+
if( S->buflen > BLAKE2S_BLOCKBYTES )
{blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
@@ -370,7 +372,7 @@
if( blake2s_init( S, outlen ) < 0 ) return -1;
}
- blake2s_update( S, ( uint8_t * )in, inlen );
+ blake2s_update( S, ( const uint8_t * )in, inlen );
blake2s_final( S, out, outlen );
return 0;
}
--- a/sse/blake2sp.c
+++ b/sse/blake2sp.c
@@ -177,8 +177,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2s_update( S->R, hash[i], BLAKE2S_OUTBYTES );
- blake2s_final( S->R, out, outlen );
- return 0;
+ return blake2s_final( S->R, out, outlen );
}
@@ -251,8 +250,7 @@
for( size_t i = 0; i < PARALLELISM_DEGREE; ++i )
blake2s_update( FS, hash[i], BLAKE2S_OUTBYTES );
- blake2s_final( FS, out, outlen );
- return 0;
+ return blake2s_final( FS, out, outlen );
}
#if defined(BLAKE2SP_SELFTEST)
--
⑨