X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fevp%2Fe_aes_cbc_hmac_sha256.c;h=e3156039c618c0e454ad9c1815f16b5e2a7cf73f;hp=63c6acda974f1d523a67f9d104912bec9c4c9192;hb=2893a302a9b6a70161d1859d985a52af11b2195d;hpb=ce00c64df9eb78402950e179b54e7745210b04f2

diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 63c6acda97..e3156039c6 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -206,8 +206,6 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
 	u8		*IVs;
 #if defined(BSWAP8)
 	u64		seqnum;
-#else
-	unsigned int	carry,j;
 #endif
 
 	if (RAND_bytes((IVs=blocks[0].c),16*x4)<=0)	/* ask for IVs in bulk */
@@ -244,6 +242,9 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
 #endif
 	for (i=0;i<x4;i++) {
 		unsigned int len = (i==(x4-1)?last:frag);
+#if !defined(BSWAP8)
+		unsigned int carry, j;
+#endif
 
 		ctx->A[i] = key->md.h[0];
 		ctx->B[i] = key->md.h[1];
@@ -328,10 +329,18 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
 		len += 64+13;		/* 64 is HMAC header */
 		len *= 8;		/* convert to bits */
 		if (off<(64-8)) {
+#ifdef BSWAP4
+			blocks[i].d[15] = BSWAP4(len);
+#else
 			PUTU32(blocks[i].c+60,len);
+#endif
 			edges[i].blocks = 1;			
 		} else {
+#ifdef BSWAP4
+			blocks[i].d[31] = BSWAP4(len);
+#else
 			PUTU32(blocks[i].c+124,len);
+#endif
 			edges[i].blocks = 2;
 		}
 		edges[i].ptr = blocks[i].c;
@@ -342,6 +351,18 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
 
 	memset(blocks,0,sizeof(blocks));
 	for (i=0;i<x4;i++) {
+#ifdef BSWAP4
+		blocks[i].d[0] = BSWAP4(ctx->A[i]);	ctx->A[i] = key->tail.h[0];
+		blocks[i].d[1] = BSWAP4(ctx->B[i]);	ctx->B[i] = key->tail.h[1];
+		blocks[i].d[2] = BSWAP4(ctx->C[i]);	ctx->C[i] = key->tail.h[2];
+		blocks[i].d[3] = BSWAP4(ctx->D[i]);	ctx->D[i] = key->tail.h[3];
+		blocks[i].d[4] = BSWAP4(ctx->E[i]);	ctx->E[i] = key->tail.h[4];
+		blocks[i].d[5] = BSWAP4(ctx->F[i]);	ctx->F[i] = key->tail.h[5];
+		blocks[i].d[6] = BSWAP4(ctx->G[i]);	ctx->G[i] = key->tail.h[6];
+		blocks[i].d[7] = BSWAP4(ctx->H[i]);	ctx->H[i] = key->tail.h[7];
+		blocks[i].c[32] = 0x80;
+		blocks[i].d[15] = BSWAP4((64+32)*8);
+#else
 		PUTU32(blocks[i].c+0,ctx->A[i]);	ctx->A[i] = key->tail.h[0];
 		PUTU32(blocks[i].c+4,ctx->B[i]);	ctx->B[i] = key->tail.h[1];
 		PUTU32(blocks[i].c+8,ctx->C[i]);	ctx->C[i] = key->tail.h[2];
@@ -352,6 +373,7 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
 		PUTU32(blocks[i].c+28,ctx->H[i]);	ctx->H[i] = key->tail.h[7];
 		blocks[i].c[32] = 0x80;
 		PUTU32(blocks[i].c+60,(64+32)*8);
+#endif
 		edges[i].ptr = blocks[i].c;
 		edges[i].blocks = 1;
 	}
@@ -703,6 +725,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 	{
 	EVP_AES_HMAC_SHA256 *key = data(ctx);
+	unsigned int u_arg = (unsigned int)arg;
 
 	switch (type)
 		{
@@ -713,7 +736,10 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo
 
 		memset (hmac_key,0,sizeof(hmac_key));
 
-		if (arg > (int)sizeof(hmac_key)) {
+		if (arg < 0)
+			return -1;
+
+		if (u_arg > sizeof(hmac_key)) {
 			SHA256_Init(&key->head);
 			SHA256_Update(&key->head,ptr,arg);
 			SHA256_Final(hmac_key,&key->head);
@@ -773,7 +799,10 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo
 		unsigned int n4x=1, x4;
 		unsigned int frag, last, packlen, inp_len;
 
-		if (arg<sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM)) return -1;
+		if (arg < 0)
+			return -1;
+
+		if (u_arg < sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM)) return -1;
 
 		inp_len = param->inp[11]<<8|param->inp[12];