diff --git a/src/encauth/ccm/ccm_memory.c b/src/encauth/ccm/ccm_memory.c index d23904463..48c7a0d7d 100644 --- a/src/encauth/ccm/ccm_memory.c +++ b/src/encauth/ccm/ccm_memory.c @@ -248,8 +248,8 @@ int ccm_memory(int cipher, /* xor the PT against the pad first */ for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&PAD[z])) ^= *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])); - *(LTC_FAST_TYPE_PTR_CAST(&ct[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) ^ *(LTC_FAST_TYPE_PTR_CAST(&CTRPAD[z])); + LTC_FAST_TYPE_XOR2(&PAD[z], &pt[y+z]); + LTC_FAST_TYPE_XOR3(&ct[y+z], &pt[y+z], &CTRPAD[z]); } if ((err = ecb_encrypt_block(PAD, PAD, skey)) != CRYPT_OK) { goto error; @@ -268,8 +268,8 @@ int ccm_memory(int cipher, /* xor the PT against the pad last */ for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&ct[y+z])) ^ *(LTC_FAST_TYPE_PTR_CAST(&CTRPAD[z])); - *(LTC_FAST_TYPE_PTR_CAST(&PAD[z])) ^= *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])); + LTC_FAST_TYPE_XOR3(&pt[y+z], &ct[y+z], &CTRPAD[z]); + LTC_FAST_TYPE_XOR2(&PAD[z], &pt[y+z]); } if ((err = ecb_encrypt_block(PAD, PAD, skey)) != CRYPT_OK) { goto error; diff --git a/src/encauth/gcm/gcm_add_aad.c b/src/encauth/gcm/gcm_add_aad.c index 67a86fe52..8e2b13d58 100644 --- a/src/encauth/gcm/gcm_add_aad.c +++ b/src/encauth/gcm/gcm_add_aad.c @@ -81,7 +81,7 @@ int gcm_add_aad(gcm_state *gcm, if (gcm->buflen == 0 && adatalen > 15) { for (x = 0; x < (adatalen & ~15); x += 16) { for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&adata[x + y])); + LTC_FAST_TYPE_XOR2(&gcm->X[y], &adata[x + y]); } gcm_mult_h(gcm, gcm->X); gcm->totlen += 128; diff --git a/src/encauth/gcm/gcm_add_iv.c b/src/encauth/gcm/gcm_add_iv.c index b37a55bf8..d722fcf48 100644 --- a/src/encauth/gcm/gcm_add_iv.c +++ b/src/encauth/gcm/gcm_add_iv.c @@ -45,7 +45,7 @@ int gcm_add_iv(gcm_state *gcm, if (gcm->buflen == 0) { for (x = 0; x < (IVlen & ~15); x += 16) { for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&IV[x + y])); + LTC_FAST_TYPE_XOR2(&gcm->X[y], &IV[x + y]); } gcm_mult_h(gcm, gcm->X); gcm->totlen += 128; diff --git a/src/encauth/gcm/gcm_mult_h.c b/src/encauth/gcm/gcm_mult_h.c index c0fd9c56b..c361c40ed 100644 --- a/src/encauth/gcm/gcm_mult_h.c +++ b/src/encauth/gcm/gcm_mult_h.c @@ -30,7 +30,7 @@ void gcm_mult_h(const gcm_state *gcm, unsigned char *I) for (x = 1; x < 16; x++) { #ifdef LTC_FAST for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(T + y)) ^= *(LTC_FAST_TYPE_PTR_CAST(&gcm->PC[x][I[x]][y])); + LTC_FAST_TYPE_XOR2(T + y, &gcm->PC[x][I[x]][y]); } #else for (y = 0; y < 16; y++) { diff --git a/src/encauth/gcm/gcm_process.c b/src/encauth/gcm/gcm_process.c index b75c1d040..38e0aab53 100644 --- a/src/encauth/gcm/gcm_process.c +++ b/src/encauth/gcm/gcm_process.c @@ -79,8 +79,8 @@ int gcm_process(gcm_state *gcm, for (x = 0; x < (ptlen & ~15); x += 16) { /* ctr encrypt */ for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&ct[x + y])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[x+y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&gcm->buf[y])); - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])); + LTC_FAST_TYPE_XOR3(&ct[x + y], &pt[x+y], &gcm->buf[y]); + LTC_FAST_TYPE_XOR2(&gcm->X[y], &ct[x+y]); } /* GMAC it */ gcm->pttotlen += 128; @@ -97,8 +97,8 @@ int gcm_process(gcm_state *gcm, for (x = 0; x < (ptlen & ~15); x += 16) { /* ctr encrypt */ for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])); - *(LTC_FAST_TYPE_PTR_CAST(&pt[x + y])) = *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&gcm->buf[y])); + LTC_FAST_TYPE_XOR2(&gcm->X[y], &ct[x+y]); + LTC_FAST_TYPE_XOR3(&pt[x + y], &ct[x+y], &gcm->buf[y]); } /* GMAC it */ gcm->pttotlen += 128; diff --git a/src/encauth/siv/siv.c b/src/encauth/siv/siv.c index bd6d5b45b..4de52d90b 100644 --- a/src/encauth/siv/siv.c +++ b/src/encauth/siv/siv.c @@ -161,7 +161,7 @@ static LTC_INLINE int s_siv_S2V_T(siv_omac_ctx_t *ctx, } else { s_siv_dbl(D); XMEMSET(&T, 0, sizeof(T)); - XMEMCPY(&T, in, inlen); + if (inlen != 0) XMEMCPY(&T, in, inlen); T.u.byte[inlen] = 0x80; s_siv_xor_buf(D, &T); diff --git a/src/headers/tomcrypt_cfg.h b/src/headers/tomcrypt_cfg.h index 14b81d87f..727bd2cdf 100644 --- a/src/headers/tomcrypt_cfg.h +++ b/src/headers/tomcrypt_cfg.h @@ -267,12 +267,34 @@ typedef unsigned long ltc_mp_digit; #endif #ifdef LTC_FAST - #define LTC_FAST_TYPE_PTR_CAST(x) ((LTC_FAST_TYPE*)(void*)(x)) #ifdef ENDIAN_64BITWORD typedef ulong64 __attribute__((__may_alias__)) LTC_FAST_TYPE; #else typedef ulong32 __attribute__((__may_alias__)) LTC_FAST_TYPE; #endif + #define LTC_FAST_TYPE_XOR3(dst, src1, src2) \ + do { \ + LTC_FAST_TYPE fast_src1, fast_src2, fast_dst; \ + XMEMCPY(&fast_src1, (src1), sizeof(LTC_FAST_TYPE)); \ + XMEMCPY(&fast_src2, (src2), sizeof(LTC_FAST_TYPE)); \ + fast_dst = fast_src1 ^ fast_src2; \ + XMEMCPY((dst), &fast_dst, sizeof(LTC_FAST_TYPE)); \ + }while (0) + #define LTC_FAST_TYPE_XOR2(dst, src) LTC_FAST_TYPE_XOR3((dst), (dst), (src)) + #define LTC_FAST_TYPE_MASK(dst, src, mask) \ + do { \ + LTC_FAST_TYPE fast_src, fast_mask, fast_dst; \ + XMEMCPY(&fast_src, (src), sizeof(LTC_FAST_TYPE)); \ + fast_mask = ((LTC_FAST_TYPE)(mask)); \ + fast_dst = fast_src & fast_mask; \ + XMEMCPY((dst), &fast_dst, sizeof(LTC_FAST_TYPE)); \ + }while (0) + #define LTC_FAST_TYPE_ASSIGN(dst, src) \ + do { \ + LTC_FAST_TYPE fast_tmp; \ + XMEMCPY(&fast_tmp, (src), sizeof(LTC_FAST_TYPE)); \ + XMEMCPY((dst), &fast_tmp, sizeof(LTC_FAST_TYPE)); \ + }while (0) #endif #if !defined(ENDIAN_NEUTRAL) && (defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) && !(defined(ENDIAN_32BITWORD) || defined(ENDIAN_64BITWORD)) diff --git a/src/mac/f9/f9_process.c b/src/mac/f9/f9_process.c index 8860da387..01310946f 100644 --- a/src/mac/f9/f9_process.c +++ b/src/mac/f9/f9_process.c @@ -36,11 +36,11 @@ int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen) if (f9->buflen == 0) { while (inlen >= (unsigned long)f9->blocksize) { for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(f9->IV[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(in[x]))); + LTC_FAST_TYPE_XOR2(&(f9->IV[x]), &(in[x])); } ecb_encrypt_block(f9->IV, f9->IV, &f9->key); for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(f9->ACC[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(f9->IV[x]))); + LTC_FAST_TYPE_XOR2(&(f9->ACC[x]), &(f9->IV[x])); } in += f9->blocksize; inlen -= f9->blocksize; diff --git a/src/mac/omac/omac_process.c b/src/mac/omac/omac_process.c index d2183d507..a1118f5e4 100644 --- a/src/mac/omac/omac_process.c +++ b/src/mac/omac/omac_process.c @@ -34,7 +34,7 @@ int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen) if (omac->buflen == 0 && inlen > (unsigned long)omac->blklen) { for (x = 0; x < (inlen - omac->blklen); x += omac->blklen) { for (n = 0; n < (unsigned long)omac->blklen; n += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&omac->prev[n])) ^= *(LTC_FAST_TYPE_PTR_CAST(&in[n])); + LTC_FAST_TYPE_XOR2(&omac->prev[n], &in[n]); } in += omac->blklen; if ((err = ecb_encrypt_block(omac->prev, omac->prev, &omac->key)) != CRYPT_OK) { diff --git a/src/mac/pelican/pelican.c b/src/mac/pelican/pelican.c index 7d62e8dde..e7bd298e0 100644 --- a/src/mac/pelican/pelican.c +++ b/src/mac/pelican/pelican.c @@ -108,7 +108,7 @@ int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned lon while (inlen & ~15) { int x; for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pelmac->state + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)in + x)); + LTC_FAST_TYPE_XOR2((unsigned char *)pelmac->state + x, (unsigned char *)in + x); } s_four_rounds(pelmac); in += 16; diff --git a/src/mac/pmac/pmac_process.c b/src/mac/pmac/pmac_process.c index 8017e3893..05aafa1b6 100644 --- a/src/mac/pmac/pmac_process.c +++ b/src/mac/pmac/pmac_process.c @@ -37,13 +37,13 @@ int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen) for (x = 0; x < (inlen - 16); x += 16) { pmac_shift_xor(pmac); for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&Z[y])) = *(LTC_FAST_TYPE_PTR_CAST(&in[y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&pmac->Li[y])); + LTC_FAST_TYPE_XOR3(&Z[y], &in[y], &pmac->Li[y]); } if ((err = ecb_encrypt_block(Z, Z, &pmac->key)) != CRYPT_OK) { return err; } for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&pmac->checksum[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&Z[y])); + LTC_FAST_TYPE_XOR2(&pmac->checksum[y], &Z[y]); } in += 16; } diff --git a/src/mac/pmac/pmac_shift_xor.c b/src/mac/pmac/pmac_shift_xor.c index ad97fa8b3..6d37de888 100644 --- a/src/mac/pmac/pmac_shift_xor.c +++ b/src/mac/pmac/pmac_shift_xor.c @@ -19,8 +19,7 @@ void pmac_shift_xor(pmac_state *pmac) y = pmac_ntz(pmac->block_index++); #ifdef LTC_FAST for (x = 0; x < pmac->block_len; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pmac->Li + x)) ^= - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pmac->Ls[y] + x)); + LTC_FAST_TYPE_XOR2((unsigned char *)pmac->Li + x, (unsigned char *)pmac->Ls[y] + x); } #else for (x = 0; x < pmac->block_len; x++) { diff --git a/src/mac/xcbc/xcbc_process.c b/src/mac/xcbc/xcbc_process.c index a6e5145f1..c204acbb3 100644 --- a/src/mac/xcbc/xcbc_process.c +++ b/src/mac/xcbc/xcbc_process.c @@ -32,7 +32,7 @@ int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen) if (xcbc->buflen == 0) { while (inlen > (unsigned long)xcbc->blocksize) { for (x = 0; x < xcbc->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(xcbc->IV[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(in[x]))); + LTC_FAST_TYPE_XOR2(&(xcbc->IV[x]), &(in[x])); } ecb_encrypt_block(xcbc->IV, xcbc->IV, &xcbc->key); in += xcbc->blocksize; diff --git a/src/misc/compare_testvector.c b/src/misc/compare_testvector.c index f13084960..fd8ae0c77 100644 --- a/src/misc/compare_testvector.c +++ b/src/misc/compare_testvector.c @@ -59,6 +59,8 @@ int ltc_compare_testvector(const void* is, const unsigned long is_len, const voi int res = 0; if(is_len != should_len) { res = is_len > should_len ? -1 : 1; + } else if (is_len == 0 && (!is || !should)) { + res = 0; } else { res = XMEMCMP(is, should, is_len); } diff --git a/src/misc/copy_or_zeromem.c b/src/misc/copy_or_zeromem.c index a05eac603..9c149782e 100644 --- a/src/misc/copy_or_zeromem.c +++ b/src/misc/copy_or_zeromem.c @@ -34,7 +34,7 @@ void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned lon if (len & ~15) { for (; y < (len & ~15); y += 16) { for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&dest[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&src[y+z])) & fastMask; + LTC_FAST_TYPE_MASK(&dest[y+z], &src[y+z], fastMask); } } } diff --git a/src/modes/cbc/cbc_decrypt.c b/src/modes/cbc/cbc_decrypt.c index 4c3add7ac..e8b552b55 100644 --- a/src/modes/cbc/cbc_decrypt.c +++ b/src/modes/cbc/cbc_decrypt.c @@ -62,9 +62,9 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s /* xor IV against plaintext */ #if defined(LTC_FAST) for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - tmpy = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)tmp + x)); - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)); - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) = tmpy; + LTC_FAST_TYPE_XOR3(&tmpy, (unsigned char *)cbc->IV + x, (unsigned char *)tmp + x); + LTC_FAST_TYPE_ASSIGN((unsigned char *)cbc->IV + x, (unsigned char *)ct + x); + LTC_FAST_TYPE_ASSIGN((unsigned char *)pt + x, &tmpy); } #else for (x = 0; x < cbc->ecb.blocklen; x++) { diff --git a/src/modes/cbc/cbc_encrypt.c b/src/modes/cbc/cbc_encrypt.c index 7274d695d..ba74e3f11 100644 --- a/src/modes/cbc/cbc_encrypt.c +++ b/src/modes/cbc/cbc_encrypt.c @@ -51,7 +51,7 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s /* xor IV against plaintext */ #if defined(LTC_FAST) for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)); + LTC_FAST_TYPE_XOR2((unsigned char *)cbc->IV + x, (unsigned char *)pt + x); } #else for (x = 0; x < cbc->ecb.blocklen; x++) { @@ -67,7 +67,7 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s /* store IV [ciphertext] for a future block */ #if defined(LTC_FAST) for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)); + LTC_FAST_TYPE_ASSIGN((unsigned char *)cbc->IV + x, (unsigned char *)ct + x); } #else for (x = 0; x < cbc->ecb.blocklen; x++) { diff --git a/src/modes/ctr/ctr_encrypt.c b/src/modes/ctr/ctr_encrypt.c index 043b5ae48..45170f5c3 100644 --- a/src/modes/ctr/ctr_encrypt.c +++ b/src/modes/ctr/ctr_encrypt.c @@ -53,8 +53,7 @@ static int s_ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned lo #ifdef LTC_FAST if ((ctr->padlen == 0) && (len >= (unsigned long)ctr->ecb.blocklen)) { for (x = 0; x < ctr->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) ^ - *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ctr->pad + x)); + LTC_FAST_TYPE_XOR3((unsigned char *)ct + x, (unsigned char *)pt + x, (unsigned char *)ctr->pad + x); } pt += ctr->ecb.blocklen; ct += ctr->ecb.blocklen; diff --git a/src/modes/f8/f8_encrypt.c b/src/modes/f8/f8_encrypt.c index ec147fdee..1b50d1b2f 100644 --- a/src/modes/f8/f8_encrypt.c +++ b/src/modes/f8/f8_encrypt.c @@ -56,8 +56,10 @@ int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, sy STORE32H(f8->blockcnt, (buf+(f8->ecb.blocklen-4))); ++(f8->blockcnt); for (x = 0; x < f8->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&ct[x])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&f8->IV[x])); - *(LTC_FAST_TYPE_PTR_CAST(&f8->IV[x])) ^= *(LTC_FAST_TYPE_PTR_CAST(&f8->MIV[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&buf[x])); + LTC_FAST_TYPE tmp; + LTC_FAST_TYPE_XOR3(&ct[x], &pt[x], &f8->IV[x]); + LTC_FAST_TYPE_XOR3(&tmp, &f8->MIV[x], &buf[x]); + LTC_FAST_TYPE_XOR2(&f8->IV[x], &tmp); } if ((err = ecb_encrypt_block(f8->IV, f8->IV, &f8->ecb)) != CRYPT_OK) { return err; diff --git a/src/modes/lrw/lrw_process.c b/src/modes/lrw/lrw_process.c index a04f90d47..7a63e7824 100644 --- a/src/modes/lrw/lrw_process.c +++ b/src/modes/lrw/lrw_process.c @@ -52,7 +52,9 @@ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, i for (; x < 16; x++) { #ifdef LTC_FAST for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(lrw->pad + y)) ^= *(LTC_FAST_TYPE_PTR_CAST(&lrw->PC[x][lrw->IV[x]][y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&lrw->PC[x][(lrw->IV[x]-1)&255][y])); + LTC_FAST_TYPE tmp; + LTC_FAST_TYPE_XOR3(&tmp, &lrw->PC[x][lrw->IV[x]][y], &lrw->PC[x][(lrw->IV[x]-1)&255][y]); + LTC_FAST_TYPE_XOR2(lrw->pad + y, &tmp); } #else for (y = 0; y < 16; y++) { @@ -67,7 +69,7 @@ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, i /* xor prod */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(ct + x)) = *(LTC_FAST_TYPE_PTR_CAST(pt + x)) ^ *(LTC_FAST_TYPE_PTR_CAST(prod + x)); + LTC_FAST_TYPE_XOR3(ct + x, pt + x, prod + x); } #else for (x = 0; x < 16; x++) { @@ -89,7 +91,7 @@ int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, i /* xor prod */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(ct + x)) = *(LTC_FAST_TYPE_PTR_CAST(ct + x)) ^ *(LTC_FAST_TYPE_PTR_CAST(prod + x)); + LTC_FAST_TYPE_XOR3(ct + x, ct + x, prod + x); } #else for (x = 0; x < 16; x++) { diff --git a/src/modes/lrw/lrw_setiv.c b/src/modes/lrw/lrw_setiv.c index 72615e773..81dad3343 100644 --- a/src/modes/lrw/lrw_setiv.c +++ b/src/modes/lrw/lrw_setiv.c @@ -48,7 +48,7 @@ int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw) for (x = 1; x < 16; x++) { #ifdef LTC_FAST for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(T + y)) ^= *(LTC_FAST_TYPE_PTR_CAST(&lrw->PC[x][IV[x]][y])); + LTC_FAST_TYPE_XOR2(T + y, &lrw->PC[x][IV[x]][y]); } #else for (y = 0; y < 16; y++) { diff --git a/src/modes/xts/xts_decrypt.c b/src/modes/xts/xts_decrypt.c index 50019b9fd..4de037f55 100644 --- a/src/modes/xts/xts_decrypt.c +++ b/src/modes/xts/xts_decrypt.c @@ -16,7 +16,7 @@ static int s_tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned ch /* tweak encrypt block i */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&P[x])) = *(LTC_FAST_TYPE_PTR_CAST(&C[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_TYPE_XOR3(&P[x], &C[x], &T[x]); } #else for (x = 0; x < 16; x++) { @@ -28,7 +28,7 @@ static int s_tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned ch #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&P[x])) ^= *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_TYPE_XOR2(&P[x], &T[x]); } #else for (x = 0; x < 16; x++) { diff --git a/src/modes/xts/xts_encrypt.c b/src/modes/xts/xts_encrypt.c index 65b129c3a..5e177d657 100644 --- a/src/modes/xts/xts_encrypt.c +++ b/src/modes/xts/xts_encrypt.c @@ -16,7 +16,7 @@ static int s_tweak_crypt(const unsigned char *P, unsigned char *C, unsigned char /* tweak encrypt block i */ #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&C[x])) = *(LTC_FAST_TYPE_PTR_CAST(&P[x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_TYPE_XOR3(&C[x], &P[x], &T[x]); } #else for (x = 0; x < 16; x++) { @@ -30,7 +30,7 @@ static int s_tweak_crypt(const unsigned char *P, unsigned char *C, unsigned char #ifdef LTC_FAST for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&C[x])) ^= *(LTC_FAST_TYPE_PTR_CAST(&T[x])); + LTC_FAST_TYPE_XOR2(&C[x], &T[x]); } #else for (x = 0; x < 16; x++) { diff --git a/src/pk/ec25519/tweetnacl.c b/src/pk/ec25519/tweetnacl.c index 48446ef9a..4fee24064 100644 --- a/src/pk/ec25519/tweetnacl.c +++ b/src/pk/ec25519/tweetnacl.c @@ -53,7 +53,7 @@ sv car25519(gf o) o[i]+=(1LL<<16); c=o[i]>>16; o[(i+1)*(i<15)]+=c-1+37*(c-1)*(i==15); - o[i]-=c<<16; + o[i]-=((i64)(((u64)(c))<<16)); } } @@ -366,7 +366,7 @@ sv modL(u8 *r,i64 x[64]) for (j = i - 32;j < i - 12;++j) { x[j] += carry - 16 * x[i] * L[j - (i - 32)]; carry = (x[j] + 128) >> 8; - x[j] -= carry << 8; + x[j] -= ((i64)(((u64)(carry)) << 8)); } x[j] += carry; x[i] = 0; diff --git a/src/pk/ec448/ec448_common.c b/src/pk/ec448/ec448_common.c index 65bb0f2bb..c8cb71600 100644 --- a/src/pk/ec448/ec448_common.c +++ b/src/pk/ec448/ec448_common.c @@ -96,13 +96,13 @@ static void s_gf448_carry(gf448 o) for (i = 0; i < 15; ++i) { c = o[i] >> 28; o[i+1] += c; - o[i] -= c << 28; + o[i] -= ((long64)(((ulong64)(c)) << 28)); } /* limb 15 overflow: 2^(28*16) = 2^448 == 2^224 + 1 */ c = o[15] >> 28; o[0] += c; /* + c * 1 */ o[8] += c; /* + c * 2^224 */ - o[15] -= c << 28; + o[15] -= ((long64)(((ulong64)(c)) << 28)); /* one more pass to settle the extra from limb 0 and 8 */ for (i = 0; i < 15; ++i) { c = o[i] >> 28; @@ -254,7 +254,7 @@ static void s_gf448_mul(gf448 o, const gf448 a, const gf448 b) for (i = 0; i < 30; ++i) { c = t[i] >> 28; t[i+1] += c; - t[i] -= c << 28; + t[i] -= ((long64)(((ulong64)(c)) << 28)); } t[14] += 2 * t[30]; t[6] += t[30]; diff --git a/tests/store_test.c b/tests/store_test.c index 5f94a444c..a6af45934 100644 --- a/tests/store_test.c +++ b/tests/store_test.c @@ -63,7 +63,7 @@ int store_test(void) /* now XOR it word for word */ for (x = 0; x < y; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&buf[5*y+z+x])) = *(LTC_FAST_TYPE_PTR_CAST(&buf[z+x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&buf[z+y+x+zz])); + LTC_FAST_TYPE_XOR3(&buf[5*y+z+x], &buf[z+x], &buf[z+y+x+zz]); } if (memcmp(&buf[4*y+z], &buf[5*y+z], y)) {