2 files changed, 43 insertions, 23 deletions
diff --git a/src/lib/libcrypto/crypto_internal.h b/src/lib/libcrypto/crypto_internal.h
new file mode 100644
index 0000000000..af2a87216e
--- /dev/null
+++ b/src/lib/libcrypto/crypto_internal.h
@@ -0,0 +1,34 @@
+/*      $OpenBSD: crypto_internal.h,v 1.1 2023/04/12 04:40:39 jsing Exp $ */
+/*
+ * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <endian.h>
+#include <stddef.h>
+#include <string.h>
+#ifndef HEADER_CRYPTO_INTERNAL_H
+#define HEADER_CRYPTO_INTERNAL_H
+#ifndef HAVE_CRYPTO_STORE_HTOBE64
+static inline void
+crypto_store_htobe64(uint8_t *dst, uint64_t v)
+{
+        v = htobe64(v);
+        memcpy(dst, &v, sizeof(v));
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/sha/sha512.c b/src/lib/libcrypto/sha/sha512.c
index a518c039ea..14c4cbd4f3 100644
--- a/src/lib/libcrypto/sha/sha512.c
+++ b/src/lib/libcrypto/sha/sha512.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha512.c,v 1.30 2023/04/11 15:38:55 tb Exp $ */
+/* $OpenBSD: sha512.c,v 1.31 2023/04/12 04:40:39 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -61,6 +61,8 @@
 #include <openssl/crypto.h>
 #include <openssl/sha.h>
+#include "crypto_internal.h"
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
 #if !defined(__STRICT_ALIGNMENT) || defined(SHA512_ASM)
@@ -552,37 +554,21 @@ SHA512_Final(unsigned char *md, SHA512_CTX *c)
        sha512_block_data_order(c, p, 1);
-        if (md == 0)
+        if (md == NULL)
                return 0;
+        /* Let compiler decide if it's appropriate to unroll... */
        switch (c->md_len) {
-                /* Let compiler decide if it's appropriate to unroll... */
        case SHA384_DIGEST_LENGTH:
                for (n = 0; n < SHA384_DIGEST_LENGTH/8; n++) {
-                        SHA_LONG64 t = c->h[n];
+                        crypto_store_htobe64(md, c->h[n]);
+                        md += 8;
-                        *(md++) = (unsigned char)(t >> 56);
-                        *(md++) = (unsigned char)(t >> 48);
-                        *(md++) = (unsigned char)(t >> 40);
-                        *(md++) = (unsigned char)(t >> 32);
-                        *(md++) = (unsigned char)(t >> 24);
-                        *(md++) = (unsigned char)(t >> 16);
-                        *(md++) = (unsigned char)(t >> 8);
-                        *(md++) = (unsigned char)(t);
                }
                break;
        case SHA512_DIGEST_LENGTH:
                for (n = 0; n < SHA512_DIGEST_LENGTH/8; n++) {
-                        SHA_LONG64 t = c->h[n];
+                        crypto_store_htobe64(md, c->h[n]);
+                        md += 8;
-                        *(md++) = (unsigned char)(t >> 56);
-                        *(md++) = (unsigned char)(t >> 48);
-                        *(md++) = (unsigned char)(t >> 40);
-                        *(md++) = (unsigned char)(t >> 32);
-                        *(md++) = (unsigned char)(t >> 24);
-                        *(md++) = (unsigned char)(t >> 16);
-                        *(md++) = (unsigned char)(t >> 8);
-                        *(md++) = (unsigned char)(t);
                }
                break;
                /* ... as well as make sure md_len is not abused. */

diff --git a/src/lib/libcrypto/crypto_internal.h b/src/lib/libcrypto/crypto_internal.h new file mode 100644 index 0000000000..af2a87216e --- /dev/null +++ b/src/lib/libcrypto/crypto_internal.h
@@ -0,0 +1,34 @@
		1	/* $OpenBSD: crypto_internal.h,v 1.1 2023/04/12 04:40:39 jsing Exp $ */
		2	/*
		3	* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
		4	*
		5	* Permission to use, copy, modify, and distribute this software for any
		6	* purpose with or without fee is hereby granted, provided that the above
		7	* copyright notice and this permission notice appear in all copies.
		8	*
		9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	*/
		17
		18	#include <endian.h>
		19	#include <stddef.h>
		20	#include <string.h>
		21
		22	#ifndef HEADER_CRYPTO_INTERNAL_H
		23	#define HEADER_CRYPTO_INTERNAL_H
		24
		25	#ifndef HAVE_CRYPTO_STORE_HTOBE64
		26	static inline void
		27	crypto_store_htobe64(uint8_t *dst, uint64_t v)
		28	{
		29	v = htobe64(v);
		30	memcpy(dst, &v, sizeof(v));
		31	}
		32	#endif
		33
		34	#endif


diff --git a/src/lib/libcrypto/sha/sha512.c b/src/lib/libcrypto/sha/sha512.c index a518c039ea..14c4cbd4f3 100644 --- a/src/lib/libcrypto/sha/sha512.c +++ b/src/lib/libcrypto/sha/sha512.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sha512.c,v 1.30 2023/04/11 15:38:55 tb Exp $ */	1	/* $OpenBSD: sha512.c,v 1.31 2023/04/12 04:40:39 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -61,6 +61,8 @@
61	#include <openssl/crypto.h>	61	#include <openssl/crypto.h>
62	#include <openssl/sha.h>	62	#include <openssl/sha.h>
63		63
		64	#include "crypto_internal.h"
		65
64	#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)	66	#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
65		67
66	#if !defined(__STRICT_ALIGNMENT) \|\| defined(SHA512_ASM)	68	#if !defined(__STRICT_ALIGNMENT) \|\| defined(SHA512_ASM)
@@ -552,37 +554,21 @@ SHA512_Final(unsigned char md, SHA512_CTX c)
552		554
553	sha512_block_data_order(c, p, 1);	555	sha512_block_data_order(c, p, 1);
554		556
555	if (md == 0)	557	if (md == NULL)
556	return 0;	558	return 0;
557		559
		560	/* Let compiler decide if it's appropriate to unroll... */
558	switch (c->md_len) {	561	switch (c->md_len) {
559	/* Let compiler decide if it's appropriate to unroll... */
560	case SHA384_DIGEST_LENGTH:	562	case SHA384_DIGEST_LENGTH:
561	for (n = 0; n < SHA384_DIGEST_LENGTH/8; n++) {	563	for (n = 0; n < SHA384_DIGEST_LENGTH/8; n++) {
562	SHA_LONG64 t = c->h[n];	564	crypto_store_htobe64(md, c->h[n]);
563		565	md += 8;
564	*(md++) = (unsigned char)(t >> 56);
565	*(md++) = (unsigned char)(t >> 48);
566	*(md++) = (unsigned char)(t >> 40);
567	*(md++) = (unsigned char)(t >> 32);
568	*(md++) = (unsigned char)(t >> 24);
569	*(md++) = (unsigned char)(t >> 16);
570	*(md++) = (unsigned char)(t >> 8);
571	*(md++) = (unsigned char)(t);
572	}	566	}
573	break;	567	break;
574	case SHA512_DIGEST_LENGTH:	568	case SHA512_DIGEST_LENGTH:
575	for (n = 0; n < SHA512_DIGEST_LENGTH/8; n++) {	569	for (n = 0; n < SHA512_DIGEST_LENGTH/8; n++) {
576	SHA_LONG64 t = c->h[n];	570	crypto_store_htobe64(md, c->h[n]);
577		571	md += 8;
578	*(md++) = (unsigned char)(t >> 56);
579	*(md++) = (unsigned char)(t >> 48);
580	*(md++) = (unsigned char)(t >> 40);
581	*(md++) = (unsigned char)(t >> 32);
582	*(md++) = (unsigned char)(t >> 24);
583	*(md++) = (unsigned char)(t >> 16);
584	*(md++) = (unsigned char)(t >> 8);
585	*(md++) = (unsigned char)(t);
586	}	572	}
587	break;	573	break;
588	/* ... as well as make sure md_len is not abused. */	574	/* ... as well as make sure md_len is not abused. */