crypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from

[openssl.git] / crypto / modes / ccm128.c

diff --git a/crypto/modes/ccm128.c b/crypto/modes/ccm128.c
index 001fdff658480711e2ed0b2ae42ee1c5283e5e35..3ce11d0d984cbcd34ea507e279677e775065843e 100644 (file)
--- a/crypto/modes/ccm128.c
+++ b/crypto/modes/ccm128.c
@@ -87,7 +87,7 @@ int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
                ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8)));
        }
        else
-               *(u32*)(&ctx->nonce.c[8]) = 0;
+               ctx->nonce.u[1] = 0;
 
        ctx->nonce.c[12] = (u8)(mlen>>24);
        ctx->nonce.c[13] = (u8)(mlen>>16);
@@ -356,10 +356,10 @@ int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
                inp += n;
                out += n;
                len -= n;
+               if (len) ctr64_add(ctx->nonce.c,n/16);
        }
 
        if (len) {
-               if (n) ctr64_add(ctx->nonce.c,n/16);
                for (i=0; i<len; ++i) ctx->cmac.c[i] ^= inp[i];
                (*block)(ctx->cmac.c,ctx->cmac.c,key);
                (*block)(ctx->nonce.c,scratch.c,key);
@@ -409,10 +409,10 @@ int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
                inp += n;
                out += n;
                len -= n;
+               if (len) ctr64_add(ctx->nonce.c,n/16);
        }
 
        if (len) {
-               if (n) ctr64_add(ctx->nonce.c,n/16);
                (*block)(ctx->nonce.c,scratch.c,key);
                for (i=0; i<len; ++i)
                        ctx->cmac.c[i] ^= (out[i] = scratch.c[i]^inp[i]);