From: Andy Polyakov <appro@openssl.org>
Date: Mon, 20 Mar 2017 11:47:08 +0000 (+0100)
Subject: modes/ocb128.c: fix misaligned access in ILP32 builds on 64-bit processors.
X-Git-Tag: OpenSSL_1_1_1-pre1~1963
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=a2bb183623dac253792753b82e291fd1d180aa78

modes/ocb128.c: fix misaligned access in ILP32 builds on 64-bit processors.

One could have fixed the problem by arranging 64-bit alignment of
EVP_AES_OCB_CTX.aad_buf in evp/e_aes.c, but CRYPTO_ocb128_aad
prototype doesn't imply alignment and we have to honour it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2994)
---

diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c
index c3bd13bbe2..f6f8da7ab7 100644
--- a/crypto/modes/ocb128.c
+++ b/crypto/modes/ocb128.c
@@ -294,7 +294,7 @@ int CRYPTO_ocb128_aad(OCB128_CONTEXT *ctx, const unsigned char *aad,
 
         /* Sum_i = Sum_{i-1} xor ENCIPHER(K, A_i xor Offset_i) */
         aad_block = (OCB_BLOCK *)(aad + ((i - ctx->blocks_hashed - 1) * 16));
-        ocb_block16_xor(&ctx->offset_aad, aad_block, &tmp1);
+        ocb_block16_xor_misaligned(&ctx->offset_aad, aad_block, &tmp1);
         ctx->encrypt(tmp1.c, tmp2.c, ctx->keyenc);
         ocb_block16_xor(&ctx->sum, &tmp2, &ctx->sum);
     }