From 9f9d8d75f0a6a021bfa1fb1c344672ba26496aa2 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 22:19:24 +0200 Subject: [PATCH] fix UBSanitizer issue: load of misaligned address for type LTC_FAST_TYPE (replacing LTC_FAST_TYPE_PTR_CAST approach) --- src/encauth/ccm/ccm_memory.c | 8 ++++---- src/encauth/gcm/gcm_add_aad.c | 2 +- src/encauth/gcm/gcm_add_iv.c | 2 +- src/encauth/gcm/gcm_mult_h.c | 2 +- src/encauth/gcm/gcm_process.c | 8 ++++---- src/headers/tomcrypt_cfg.h | 9 ++++----- src/headers/tomcrypt_private.h | 37 ++++++++++++++++++++++++++++++++++ src/mac/f9/f9_process.c | 4 ++-- src/mac/omac/omac_process.c | 2 +- src/mac/pelican/pelican.c | 2 +- src/mac/pmac/pmac_process.c | 4 ++-- src/mac/pmac/pmac_shift_xor.c | 3 +-- src/mac/xcbc/xcbc_process.c | 2 +- src/misc/copy_or_zeromem.c | 2 +- src/modes/cbc/cbc_decrypt.c | 6 +++--- src/modes/cbc/cbc_encrypt.c | 4 ++-- src/modes/ctr/ctr_encrypt.c | 3 +-- src/modes/f8/f8_encrypt.c | 4 ++-- src/modes/lrw/lrw_process.c | 6 +++--- src/modes/lrw/lrw_setiv.c | 2 +- src/modes/xts/xts_decrypt.c | 4 ++-- src/modes/xts/xts_encrypt.c | 4 ++-- tests/store_test.c | 2 +- 23 files changed, 78 insertions(+), 44 deletions(-) diff --git a/src/encauth/ccm/ccm_memory.c b/src/encauth/ccm/ccm_memory.c index d23904463..88343d10e 100644 --- a/src/encauth/ccm/ccm_memory.c +++ b/src/encauth/ccm/ccm_memory.c @@ -248,8 +248,8 @@ int ccm_memory(int cipher, /* xor the PT against the pad first */ for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&PAD[z])) ^= *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])); - *(LTC_FAST_TYPE_PTR_CAST(&ct[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) ^ *(LTC_FAST_TYPE_PTR_CAST(&CTRPAD[z])); + LTC_FAST_XOR2(&PAD[z], &pt[y+z]); + LTC_FAST_XOR3(&ct[y+z], &pt[y+z], &CTRPAD[z]); } if ((err = ecb_encrypt_block(PAD, PAD, skey)) != CRYPT_OK) { goto error; @@ -268,8 +268,8 @@ int ccm_memory(int cipher, /* xor the PT against the pad last */ for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&ct[y+z])) ^ *(LTC_FAST_TYPE_PTR_CAST(&CTRPAD[z])); - *(LTC_FAST_TYPE_PTR_CAST(&PAD[z])) ^= *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])); + LTC_FAST_XOR3(&pt[y+z], &ct[y+z], &CTRPAD[z]); + LTC_FAST_XOR2(&PAD[z], &pt[y+z]); } if ((err = ecb_encrypt_block(PAD, PAD, skey)) != CRYPT_OK) { goto error; diff --git a/src/encauth/gcm/gcm_add_aad.c b/src/encauth/gcm/gcm_add_aad.c index 67a86fe52..775776474 100644 --- a/src/encauth/gcm/gcm_add_aad.c +++ b/src/encauth/gcm/gcm_add_aad.c @@ -81,7 +81,7 @@ int gcm_add_aad(gcm_state *gcm, if (gcm->buflen == 0 && adatalen > 15) { for (x = 0; x < (adatalen & ~15); x += 16) { for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&adata[x + y])); + LTC_FAST_XOR2(&gcm->X[y], &adata[x + y]); } gcm_mult_h(gcm, gcm->X); gcm->totlen += 128; diff --git a/src/encauth/gcm/gcm_add_iv.c b/src/encauth/gcm/gcm_add_iv.c index b37a55bf8..7b5446e57 100644 --- a/src/encauth/gcm/gcm_add_iv.c +++ b/src/encauth/gcm/gcm_add_iv.c @@ -45,7 +45,7 @@ int gcm_add_iv(gcm_state *gcm, if (gcm->buflen == 0) { for (x = 0; x < (IVlen & ~15); x += 16) { for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&IV[x + y])); + LTC_FAST_XOR2(&gcm->X[y], &IV[x + y]); } gcm_mult_h(gcm, gcm->X); gcm->totlen += 128; diff --git a/src/encauth/gcm/gcm_mult_h.c b/src/encauth/gcm/gcm_mult_h.c index c0fd9c56b..0c90fac7a 100644 --- a/src/encauth/gcm/gcm_mult_h.c +++ b/src/encauth/gcm/gcm_mult_h.c @@ -30,7 +30,7 @@ void gcm_mult_h(const gcm_state *gcm, unsigned char *I) for (x = 1; x < 16; x++) { #ifdef LTC_FAST for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(T + y)) ^= *(LTC_FAST_TYPE_PTR_CAST(&gcm->PC[x][I[x]][y])); + LTC_FAST_XOR2(T + y, &gcm->PC[x][I[x]][y]); } #else for (y = 0; y < 16; y++) { diff --git a/src/encauth/gcm/gcm_process.c b/src/encauth/gcm/gcm_process.c index b75c1d040..acaf1ed83 100644 --- a/src/encauth/gcm/gcm_process.c +++ b/src/encauth/gcm/gcm_process.c @@ -79,8 +79,8 @@ int gcm_process(gcm_state *gcm, for (x = 0; x < (ptlen & ~15); x += 16) { /* ctr encrypt */ for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&ct[x + y])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[x+y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&gcm->buf[y])); - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])); + LTC_FAST_XOR3(&ct[x + y], &pt[x+y], &gcm->buf[y]); + LTC_FAST_XOR2(&gcm->X[y], &ct[x+y]); } /* GMAC it */ gcm->pttotlen += 128; @@ -97,8 +97,8 @@ int gcm_process(gcm_state *gcm, for (x = 0; x < (ptlen & ~15); x += 16) { /* ctr encrypt */ for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])); - *(LTC_FAST_TYPE_PTR_CAST(&pt[x + y])) = *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&gcm->buf[y])); + LTC_FAST_XOR2(&gcm->X[y], &ct[x+y]); + LTC_FAST_XOR3(&pt[x + y], &ct[x+y], &gcm->buf[y]); } /* GMAC it */ gcm->pttotlen += 128; diff --git a/src/headers/tomcrypt_cfg.h b/src/headers/tomcrypt_cfg.h index 14b81d87f..ebda895d9 100644 --- a/src/headers/tomcrypt_cfg.h +++ b/src/headers/tomcrypt_cfg.h @@ -261,17 +261,16 @@ typedef unsigned long ltc_mp_digit; #define LTC_NO_SHA256_X86 #endif -/* No LTC_FAST if: explicitly disabled OR non-gcc/non-clang compiler OR old gcc OR using -ansi -std=c99 */ -#if defined(LTC_NO_FAST) || (__GNUC__ < 4) || defined(__STRICT_ANSI__) +/* No LTC_FAST if explicitly disabled */ +#if defined(LTC_NO_FAST) #undef LTC_FAST #endif #ifdef LTC_FAST - #define LTC_FAST_TYPE_PTR_CAST(x) ((LTC_FAST_TYPE*)(void*)(x)) #ifdef ENDIAN_64BITWORD - typedef ulong64 __attribute__((__may_alias__)) LTC_FAST_TYPE; + typedef ulong64 LTC_FAST_TYPE; #else - typedef ulong32 __attribute__((__may_alias__)) LTC_FAST_TYPE; + typedef ulong32 LTC_FAST_TYPE; #endif #endif diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 6df57ef9f..54d6d708d 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -47,6 +47,43 @@ LTC_STATIC_ASSERT(correct_ltc_uintptr_size, sizeof(ltc_uintptr) == sizeof(void*) #define LTC_ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) +#ifdef LTC_FAST +/* The LTC_FAST helpers operate on byte buffers that are not guaranteed to be aligned for LTC_FAST_TYPE. + Use memcpy for loads/stores to avoid undefined behavior from unaligned or aliasing-unsafe typed-pointer dereferences. + On GCC/Clang prefer __builtin_memcpy: it is guaranteed to be inlined for constant sizes regardless of any + user override of XMEMCPY (e.g. embedded builds). Other compilers fall back to XMEMCPY. +*/ +static LTC_INLINE LTC_FAST_TYPE LTC_FAST_LOAD(const void *p) +{ + LTC_FAST_TYPE v; +#if defined(__GNUC__) + __builtin_memcpy(&v, p, sizeof(v)); +#else + XMEMCPY(&v, p, sizeof(v)); +#endif + return v; +} + +static LTC_INLINE void LTC_FAST_STORE(void *p, LTC_FAST_TYPE v) +{ +#if defined(__GNUC__) + __builtin_memcpy(p, &v, sizeof(v)); +#else + XMEMCPY(p, &v, sizeof(v)); +#endif +} + +static LTC_INLINE void LTC_FAST_XOR2(void *dst, const void *src) +{ + LTC_FAST_STORE(dst, LTC_FAST_LOAD(dst) ^ LTC_FAST_LOAD(src)); +} + +static LTC_INLINE void LTC_FAST_XOR3(void *dst, const void *src1, const void *src2) +{ + LTC_FAST_STORE(dst, LTC_FAST_LOAD(src1) ^ LTC_FAST_LOAD(src2)); +} +#endif + /* * Internal Enums */ diff --git a/src/mac/f9/f9_process.c b/src/mac/f9/f9_process.c index 8860da387..42ecf8d69 100644 --- a/src/mac/f9/f9_process.c +++ b/src/mac/f9/f9_process.c @@ -36,11 +36,11 @@ int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen) if (f9->buflen == 0) { while (inlen >= (unsigned long)f9->blocksize) { for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(f9->IV[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(in[x]))); + LTC_FAST_XOR2(&f9->IV[x], &in[x]); } ecb_encrypt_block(f9->IV, f9->IV, &f9->key); for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(f9->ACC[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(f9->IV[x]))); + LTC_FAST_XOR2(&f9->ACC[x], &f9->IV[x]); } in += f9->blocksize; inlen -= f9->blocksize; diff --git a/src/mac/omac/omac_process.c b/src/mac/omac/omac_process.c index d2183d507..a86145ac9 100644 --- a/src/mac/omac/omac_process.c +++ b/src/mac/omac/omac_process.c @@ -34,7 +34,7 @@ int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen) if (omac->buflen == 0 && inlen > (unsigned long)omac->blklen) { for (x = 0; x < (inlen - omac->blklen); x += omac->blklen) { for (n = 0; n < (unsigned long)omac->blklen; n += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&omac->prev[n])) ^= *(LTC_FAST_TYPE_PTR_CAST(&in[n])); + LTC_FAST_XOR2(&omac->prev[n], &in[n]); } in += omac->blklen; if ((err = ecb_encrypt_block(omac->prev, omac->prev, &omac->key)) != CRYPT_OK) { diff --git a/src/mac/pelican/pelican.c b/src/mac/pelican/pelican.c index 7d62e8dde..53c1e3eba 100644 --- a/src/mac/pelican/pelican.c +++ b/src/mac/pelican/pelican.c @@ -108,7 +108,7 @@ int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned lon while (inlen & ~15) { int x; for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pelmac->state + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)in + x)); + LTC_FAST_XOR2((unsigned char *)pelmac->state + x, (unsigned char *)in + x); } s_four_rounds(pelmac); in += 16; diff --git a/src/mac/pmac/pmac_process.c b/src/mac/pmac/pmac_process.c index 8017e3893..9872e9ba9 100644 --- a/src/mac/pmac/pmac_process.c +++ b/src/mac/pmac/pmac_process.c @@ -37,13 +37,13 @@ int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen) for (x = 0; x < (inlen - 16); x += 16) { pmac_shift_xor(pmac); for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&Z[y])) = *(LTC_FAST_TYPE_PTR_CAST(&in[y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&pmac->Li[y])); + LTC_FAST_XOR3(&Z[y], &in[y], &pmac->Li[y]); } if ((err = ecb_encrypt_block(Z, Z, &pmac->key)) != CRYPT_OK) { return err; } for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&pmac->checksum[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&Z[y])); + LTC_FAST_XOR2(&pmac->checksum[y], &Z[y]); } in += 16; } diff --git a/src/mac/pmac/pmac_shift_xor.c b/src/mac/pmac/pmac_shift_xor.c index ad97fa8b3..764f39193 100644 --- a/src/mac/pmac/pmac_shift_xor.c +++ b/src/mac/pmac/pmac_shift_xor.c @@ -19,8 +19,7 @@ void pmac_shift_xor(pmac_state *pmac) y = pmac_ntz(pmac->block_index++); #ifdef LTC_FAST for (x = 0; x < pmac->block_len; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pmac->Li + x)) ^= - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pmac->Ls[y] + x)); + LTC_FAST_XOR2((unsigned char *)pmac->Li + x, (unsigned char *)pmac->Ls[y] + x); } #else for (x = 0; x < pmac->block_len; x++) { diff --git a/src/mac/xcbc/xcbc_process.c b/src/mac/xcbc/xcbc_process.c index a6e5145f1..8f7f80889 100644 --- a/src/mac/xcbc/xcbc_process.c +++ b/src/mac/xcbc/xcbc_process.c @@ -32,7 +32,7 @@ int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen) if (xcbc->buflen == 0) { while (inlen > (unsigned long)xcbc->blocksize) { for (x = 0; x < xcbc->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(xcbc->IV[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(in[x]))); + LTC_FAST_XOR2(&xcbc->IV[x], &in[x]); } ecb_encrypt_block(xcbc->IV, xcbc->IV, &xcbc->key); in += xcbc->blocksize; diff --git a/src/misc/copy_or_zeromem.c b/src/misc/copy_or_zeromem.c index a05eac603..071769744 100644 --- a/src/misc/copy_or_zeromem.c +++ b/src/misc/copy_or_zeromem.c @@ -34,7 +34,7 @@ void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned lon if (len & ~15) { for (; y < (len & ~15); y += 16) { for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&dest[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&src[y+z])) & fastMask; + LTC_FAST_STORE(&dest[y+z], LTC_FAST_LOAD(&src[y+z]) & fastMask); } } } diff --git a/src/modes/cbc/cbc_decrypt.c b/src/modes/cbc/cbc_decrypt.c index 4c3add7ac..e7cc80f3b 100644 --- a/src/modes/cbc/cbc_decrypt.c +++ b/src/modes/cbc/cbc_decrypt.c @@ -62,9 +62,9 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s /* xor IV against plaintext */ #if defined(LTC_FAST) for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - tmpy = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)tmp + x)); - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)); - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) = tmpy; + tmpy = LTC_FAST_LOAD((unsigned char *)cbc->IV + x) ^ LTC_FAST_LOAD((unsigned char *)tmp + x); + LTC_FAST_STORE((unsigned char *)cbc->IV + x, LTC_FAST_LOAD((unsigned char *)ct + x)); + LTC_FAST_STORE((unsigned char *)pt + x, tmpy); } #else for (x = 0; x < cbc->ecb.blocklen; x++) { diff --git a/src/modes/cbc/cbc_encrypt.c b/src/modes/cbc/cbc_encrypt.c index 7274d695d..697100e89 100644 --- a/src/modes/cbc/cbc_encrypt.c +++ b/src/modes/cbc/cbc_encrypt.c @@ -51,7 +51,7 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s /* xor IV against plaintext */ #if defined(LTC_FAST) for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)); + LTC_FAST_XOR2((unsigned char *)cbc->IV + x, (unsigned char *)pt + x); } #else for (x = 0; x < cbc->ecb.blocklen; x++) { @@ -67,7 +67,7 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s /* store IV [ciphertext] for a future block */ #if defined(LTC_FAST) for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)); + LTC_FAST_STORE((unsigned char *)cbc->IV + x, LTC_FAST_LOAD((unsigned char *)ct + x)); } #else for (x = 0; x < cbc->ecb.blocklen; x++) { diff --git a/src/modes/ctr/ctr_encrypt.c b/src/modes/ctr/ctr_encrypt.c index 043b5ae48..2ebc5feba 100644 --- a/src/modes/ctr/ctr_encrypt.c +++ b/src/modes/ctr/ctr_encrypt.c @@ -53,8 +53,7 @@ static int s_ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned lo #ifdef LTC_FAST if ((ctr->padlen == 0) && (len >= (unsigned long)ctr->ecb.blocklen)) { for (x = 0; x < ctr->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) ^ - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ctr->pad + x)); + LTC_FAST_XOR3((unsigned char *)ct + x, (unsigned char *)pt + x, (unsigned char *)ctr->pad + x); } pt += ctr->ecb.blocklen; ct += ctr->ecb.blocklen; diff --git a/src/modes/f8/f8_encrypt.c b/src/modes/f8/f8_encrypt.c index ec147fdee..d3de186e0 100644 --- a/src/modes/f8/f8_encrypt.c +++ b/src/modes/f8/f8_encrypt.c @@ -56,8 +56,8 @@ int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, sy STORE32H(f8->blockcnt, (buf+(f8->ecb.blocklen-4))); ++(f8->blockcnt); for (x = 0; x < f8->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&ct[x])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&f8->IV[x])); - *(LTC_FAST_TYPE_PTR_CAST(&f8->IV[x])) ^= *(LTC_FAST_TYPE_PTR_CAST(&f8->MIV[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&buf[x])); + LTC_FAST_XOR3(&ct[x], &pt[x], &f8->IV[x]); + LTC_FAST_STORE(&f8->IV[x], LTC_FAST_LOAD(&f8->IV[x]) ^ LTC_FAST_LOAD(&f8->MIV[x]) ^ LTC_FAST_LOAD(&buf[x])); } if ((err = ecb_encrypt_block(f8->IV, f8->IV, &f8->ecb)) != CRYPT_OK) { return err; diff --git a/src/modes/lrw/lrw_process.c b/src/modes/lrw/lrw_process.c index a04f90d47..81eb3bdf8 100644 --- a/src/modes/lrw/lrw_process.c +++ b/src/modes/lrw/lrw_process.c @@ -52,7 +52,7 @@ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, i for (; x < 16; x++) { #ifdef LTC_FAST for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(lrw->pad + y)) ^= *(LTC_FAST_TYPE_PTR_CAST(&lrw->PC[x][lrw->IV[x]][y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&lrw->PC[x][(lrw->IV[x]-1)&255][y])); + LTC_FAST_STORE(lrw->pad + y, LTC_FAST_LOAD(lrw->pad + y) ^ LTC_FAST_LOAD(&lrw->PC[x][lrw->IV[x]][y]) ^ LTC_FAST_LOAD(&lrw->PC[x][(lrw->IV[x]-1)&255][y])); } #else for (y = 0; y < 16; y++) { @@ -67,7 +67,7 @@ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, i /* xor prod */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(ct + x)) = *(LTC_FAST_TYPE_PTR_CAST(pt + x)) ^ *(LTC_FAST_TYPE_PTR_CAST(prod + x)); + LTC_FAST_XOR3(ct + x, pt + x, prod + x); } #else for (x = 0; x < 16; x++) { @@ -89,7 +89,7 @@ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, i /* xor prod */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(ct + x)) = *(LTC_FAST_TYPE_PTR_CAST(ct + x)) ^ *(LTC_FAST_TYPE_PTR_CAST(prod + x)); + LTC_FAST_XOR2(ct + x, prod + x); } #else for (x = 0; x < 16; x++) { diff --git a/src/modes/lrw/lrw_setiv.c b/src/modes/lrw/lrw_setiv.c index 72615e773..fb2db8f72 100644 --- a/src/modes/lrw/lrw_setiv.c +++ b/src/modes/lrw/lrw_setiv.c @@ -48,7 +48,7 @@ int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw) for (x = 1; x < 16; x++) { #ifdef LTC_FAST for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(T + y)) ^= *(LTC_FAST_TYPE_PTR_CAST(&lrw->PC[x][IV[x]][y])); + LTC_FAST_XOR2(T + y, &lrw->PC[x][IV[x]][y]); } #else for (y = 0; y < 16; y++) { diff --git a/src/modes/xts/xts_decrypt.c b/src/modes/xts/xts_decrypt.c index 50019b9fd..4ae755fa1 100644 --- a/src/modes/xts/xts_decrypt.c +++ b/src/modes/xts/xts_decrypt.c @@ -16,7 +16,7 @@ static int s_tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned ch /* tweak encrypt block i */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&P[x])) = *(LTC_FAST_TYPE_PTR_CAST(&C[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_XOR3(&P[x], &C[x], &T[x]); } #else for (x = 0; x < 16; x++) { @@ -28,7 +28,7 @@ static int s_tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned ch #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&P[x])) ^= *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_XOR2(&P[x], &T[x]); } #else for (x = 0; x < 16; x++) { diff --git a/src/modes/xts/xts_encrypt.c b/src/modes/xts/xts_encrypt.c index 65b129c3a..dab234c93 100644 --- a/src/modes/xts/xts_encrypt.c +++ b/src/modes/xts/xts_encrypt.c @@ -16,7 +16,7 @@ static int s_tweak_crypt(const unsigned char *P, unsigned char *C, unsigned char /* tweak encrypt block i */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&C[x])) = *(LTC_FAST_TYPE_PTR_CAST(&P[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_XOR3(&C[x], &P[x], &T[x]); } #else for (x = 0; x < 16; x++) { @@ -30,7 +30,7 @@ static int s_tweak_crypt(const unsigned char *P, unsigned char *C, unsigned char #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&C[x])) ^= *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_XOR2(&C[x], &T[x]); } #else for (x = 0; x < 16; x++) { diff --git a/tests/store_test.c b/tests/store_test.c index 5f94a444c..d7ee7d2ec 100644 --- a/tests/store_test.c +++ b/tests/store_test.c @@ -63,7 +63,7 @@ int store_test(void) /* now XOR it word for word */ for (x = 0; x < y; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&buf[5*y+z+x])) = *(LTC_FAST_TYPE_PTR_CAST(&buf[z+x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&buf[z+y+x+zz])); + LTC_FAST_XOR3(&buf[5*y+z+x], &buf[z+x], &buf[z+y+x+zz]); } if (memcmp(&buf[4*y+z], &buf[5*y+z], y)) {