modes/ocb128.c: fix misaligned access in ILP32 builds on 64-bit processors.
author Andy Polyakov <appro@openssl.org>
Mon, 20 Mar 2017 11:47:08 +0000 (12:47 +0100)
committer Andy Polyakov <appro@openssl.org>
Wed, 22 Mar 2017 10:09:12 +0000 (11:09 +0100)
One could have fixed the problem by arranging 64-bit alignment of
EVP_AES_OCB_CTX.aad_buf in evp/e_aes.c, but CRYPTO_ocb128_aad
prototype doesn't imply alignment and we have to honour it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2994)

crypto/modes/ocb128.c

index c3bd13b..f6f8da7 100644 (file)
@@ -294,7 +294,7 @@ int CRYPTO_ocb128_aad(OCB128_CONTEXT *ctx, const unsigned char *aad,
 
         /* Sum_i = Sum_{i-1} xor ENCIPHER(K, A_i xor Offset_i) */
         aad_block = (OCB_BLOCK *)(aad + ((i - ctx->blocks_hashed - 1) * 16));
-        ocb_block16_xor(&ctx->offset_aad, aad_block, &tmp1);
+        ocb_block16_xor_misaligned(&ctx->offset_aad, aad_block, &tmp1);
         ctx->encrypt(tmp1.c, tmp2.c, ctx->keyenc);
         ocb_block16_xor(&ctx->sum, &tmp2, &ctx->sum);
     }
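
Review bot: The cast on the context line just above the changed call, `aad_block = (OCB_BLOCK *)(aad + ...)`, still builds an `OCB_BLOCK *` from a `const unsigned char *` that carries no alignment guarantee, and it drops the `const` qualifier, so the fix holds only as long as every use of `aad_block` goes through the `_misaligned` helper. Consider keeping the pointer typed as `const unsigned char *` until it is handed to `ocb_block16_xor_misaligned`, or at least add a comment at the call saying that `aad` may be unaligned, so a later cleanup does not switch it back to `ocb_block16_xor`. The second xor, on `ctx->sum` and `tmp2`, does not touch the caller's `aad` buffer, so leaving it on `ocb_block16_xor` looks right.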