1 files changed, 25 insertions, 39 deletions
diff --git a/src/lib/libcrypto/sm4/sm4.c b/src/lib/libcrypto/sm4/sm4.c
index a6c072de3b..31acac11f6 100644
--- a/src/lib/libcrypto/sm4/sm4.c
+++ b/src/lib/libcrypto/sm4/sm4.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sm4.c,v 1.4 2025/01/22 09:42:27 jsing Exp $   */
+/*      $OpenBSD: sm4.c,v 1.5 2025/01/22 09:46:26 jsing Exp $   */
 /*
 * Copyright (c) 2017, 2019 Ribose Inc
 *
@@ -101,24 +101,6 @@ static const uint32_t SM4_SBOX_T[256] = {
 };
 static inline uint32_t
-load_u32_be(const uint8_t *b, uint32_t n)
-{
-        return ((uint32_t)b[4 * n] << 24) |
-            ((uint32_t)b[4 * n + 1] << 16) |
-            ((uint32_t)b[4 * n + 2] << 8) |
-            ((uint32_t)b[4 * n + 3]);
-}
-static inline void
-store_u32_be(uint32_t v, uint8_t *b)
-{
-        b[0] = (uint8_t)(v >> 24);
-        b[1] = (uint8_t)(v >> 16);
-        b[2] = (uint8_t)(v >> 8);
-        b[3] = (uint8_t)(v);
-}
-static inline uint32_t
 SM4_T_slow(uint32_t X)
 {
        uint32_t t = 0;
@@ -170,10 +152,10 @@ SM4_set_key(const uint8_t *key, SM4_KEY *k)
        uint32_t K[4];
        int i;
-        K[0] = load_u32_be(key, 0) ^ SM4_FK[0];
+        K[0] = crypto_load_be32toh(&key[0 * 4]) ^ SM4_FK[0];
-        K[1] = load_u32_be(key, 1) ^ SM4_FK[1];
+        K[1] = crypto_load_be32toh(&key[1 * 4]) ^ SM4_FK[1];
-        K[2] = load_u32_be(key, 2) ^ SM4_FK[2];
+        K[2] = crypto_load_be32toh(&key[2 * 4]) ^ SM4_FK[2];
-        K[3] = load_u32_be(key, 3) ^ SM4_FK[3];
+        K[3] = crypto_load_be32toh(&key[3 * 4]) ^ SM4_FK[3];
        for (i = 0; i < SM4_KEY_SCHEDULE; i++) {
                uint32_t X;
@@ -207,10 +189,12 @@ void
 SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *k)
 {
        struct sm4_key *ks = (struct sm4_key *)k;
-        uint32_t B0 = load_u32_be(in, 0);
+        uint32_t B0, B1, B2, B3;
-        uint32_t B1 = load_u32_be(in, 1);
-        uint32_t B2 = load_u32_be(in, 2);
+        B0 = crypto_load_be32toh(&in[0 * 4]);
-        uint32_t B3 = load_u32_be(in, 3);
+        B1 = crypto_load_be32toh(&in[1 * 4]);
+        B2 = crypto_load_be32toh(&in[2 * 4]);
+        B3 = crypto_load_be32toh(&in[3 * 4]);
        /*
         * Uses byte-wise sbox in the first and last rounds to provide some
@@ -225,10 +209,10 @@ SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *k)
        SM4_ROUNDS(24, 25, 26, 27, SM4_T);
        SM4_ROUNDS(28, 29, 30, 31, SM4_T_slow);
-        store_u32_be(B3, out);
+        crypto_store_htobe32(&out[0 * 4], B3);
-        store_u32_be(B2, out + 4);
+        crypto_store_htobe32(&out[1 * 4], B2);
-        store_u32_be(B1, out + 8);
+        crypto_store_htobe32(&out[2 * 4], B1);
-        store_u32_be(B0, out + 12);
+        crypto_store_htobe32(&out[3 * 4], B0);
 }
 LCRYPTO_ALIAS(SM4_encrypt);
@@ -236,10 +220,12 @@ void
 SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *k)
 {
        struct sm4_key *ks = (struct sm4_key *)k;
-        uint32_t B0 = load_u32_be(in, 0);
+        uint32_t B0, B1, B2, B3;
-        uint32_t B1 = load_u32_be(in, 1);
-        uint32_t B2 = load_u32_be(in, 2);
+        B0 = crypto_load_be32toh(&in[0 * 4]);
-        uint32_t B3 = load_u32_be(in, 3);
+        B1 = crypto_load_be32toh(&in[1 * 4]);
+        B2 = crypto_load_be32toh(&in[2 * 4]);
+        B3 = crypto_load_be32toh(&in[3 * 4]);
        SM4_ROUNDS(31, 30, 29, 28, SM4_T_slow);
        SM4_ROUNDS(27, 26, 25, 24, SM4_T);
@@ -250,10 +236,10 @@ SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *k)
        SM4_ROUNDS( 7,  6,  5,  4, SM4_T);
        SM4_ROUNDS( 3,  2,  1,  0, SM4_T_slow);
-        store_u32_be(B3, out);
+        crypto_store_htobe32(&out[0 * 4], B3);
-        store_u32_be(B2, out + 4);
+        crypto_store_htobe32(&out[1 * 4], B2);
-        store_u32_be(B1, out + 8);
+        crypto_store_htobe32(&out[2 * 4], B1);
-        store_u32_be(B0, out + 12);
+        crypto_store_htobe32(&out[3 * 4], B0);
 }
 LCRYPTO_ALIAS(SM4_decrypt);

diff --git a/src/lib/libcrypto/sm4/sm4.c b/src/lib/libcrypto/sm4/sm4.c index a6c072de3b..31acac11f6 100644 --- a/src/lib/libcrypto/sm4/sm4.c +++ b/src/lib/libcrypto/sm4/sm4.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sm4.c,v 1.4 2025/01/22 09:42:27 jsing Exp $ */	1	/* $OpenBSD: sm4.c,v 1.5 2025/01/22 09:46:26 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2017, 2019 Ribose Inc	3	* Copyright (c) 2017, 2019 Ribose Inc
4	*	4	*
@@ -101,24 +101,6 @@ static const uint32_t SM4_SBOX_T[256] = {
101	};	101	};
102		102
103	static inline uint32_t	103	static inline uint32_t
104	load_u32_be(const uint8_t *b, uint32_t n)
105	{
106	return ((uint32_t)b[4 * n] << 24) \|
107	((uint32_t)b[4 * n + 1] << 16) \|
108	((uint32_t)b[4 * n + 2] << 8) \|
109	((uint32_t)b[4 * n + 3]);
110	}
111
112	static inline void
113	store_u32_be(uint32_t v, uint8_t *b)
114	{
115	b[0] = (uint8_t)(v >> 24);
116	b[1] = (uint8_t)(v >> 16);
117	b[2] = (uint8_t)(v >> 8);
118	b[3] = (uint8_t)(v);
119	}
120
121	static inline uint32_t
122	SM4_T_slow(uint32_t X)	104	SM4_T_slow(uint32_t X)
123	{	105	{
124	uint32_t t = 0;	106	uint32_t t = 0;
@@ -170,10 +152,10 @@ SM4_set_key(const uint8_t key, SM4_KEY k)
170	uint32_t K[4];	152	uint32_t K[4];
171	int i;	153	int i;
172		154
173	K[0] = load_u32_be(key, 0) ^ SM4_FK[0];	155	K[0] = crypto_load_be32toh(&key[0 * 4]) ^ SM4_FK[0];
174	K[1] = load_u32_be(key, 1) ^ SM4_FK[1];	156	K[1] = crypto_load_be32toh(&key[1 * 4]) ^ SM4_FK[1];
175	K[2] = load_u32_be(key, 2) ^ SM4_FK[2];	157	K[2] = crypto_load_be32toh(&key[2 * 4]) ^ SM4_FK[2];
176	K[3] = load_u32_be(key, 3) ^ SM4_FK[3];	158	K[3] = crypto_load_be32toh(&key[3 * 4]) ^ SM4_FK[3];
177		159
178	for (i = 0; i < SM4_KEY_SCHEDULE; i++) {	160	for (i = 0; i < SM4_KEY_SCHEDULE; i++) {
179	uint32_t X;	161	uint32_t X;
@@ -207,10 +189,12 @@ void
207	SM4_encrypt(const uint8_t in, uint8_t out, const SM4_KEY *k)	189	SM4_encrypt(const uint8_t in, uint8_t out, const SM4_KEY *k)
208	{	190	{
209	struct sm4_key ks = (struct sm4_key )k;	191	struct sm4_key ks = (struct sm4_key )k;
210	uint32_t B0 = load_u32_be(in, 0);	192	uint32_t B0, B1, B2, B3;
211	uint32_t B1 = load_u32_be(in, 1);	193
212	uint32_t B2 = load_u32_be(in, 2);	194	B0 = crypto_load_be32toh(&in[0 * 4]);
213	uint32_t B3 = load_u32_be(in, 3);	195	B1 = crypto_load_be32toh(&in[1 * 4]);
		196	B2 = crypto_load_be32toh(&in[2 * 4]);
		197	B3 = crypto_load_be32toh(&in[3 * 4]);
214		198
215	/*	199	/*
216	* Uses byte-wise sbox in the first and last rounds to provide some	200	* Uses byte-wise sbox in the first and last rounds to provide some
@@ -225,10 +209,10 @@ SM4_encrypt(const uint8_t in, uint8_t out, const SM4_KEY *k)
225	SM4_ROUNDS(24, 25, 26, 27, SM4_T);	209	SM4_ROUNDS(24, 25, 26, 27, SM4_T);
226	SM4_ROUNDS(28, 29, 30, 31, SM4_T_slow);	210	SM4_ROUNDS(28, 29, 30, 31, SM4_T_slow);
227		211
228	store_u32_be(B3, out);	212	crypto_store_htobe32(&out[0 * 4], B3);
229	store_u32_be(B2, out + 4);	213	crypto_store_htobe32(&out[1 * 4], B2);
230	store_u32_be(B1, out + 8);	214	crypto_store_htobe32(&out[2 * 4], B1);
231	store_u32_be(B0, out + 12);	215	crypto_store_htobe32(&out[3 * 4], B0);
232	}	216	}
233	LCRYPTO_ALIAS(SM4_encrypt);	217	LCRYPTO_ALIAS(SM4_encrypt);
234		218
@@ -236,10 +220,12 @@ void
236	SM4_decrypt(const uint8_t in, uint8_t out, const SM4_KEY *k)	220	SM4_decrypt(const uint8_t in, uint8_t out, const SM4_KEY *k)
237	{	221	{
238	struct sm4_key ks = (struct sm4_key )k;	222	struct sm4_key ks = (struct sm4_key )k;
239	uint32_t B0 = load_u32_be(in, 0);	223	uint32_t B0, B1, B2, B3;
240	uint32_t B1 = load_u32_be(in, 1);	224
241	uint32_t B2 = load_u32_be(in, 2);	225	B0 = crypto_load_be32toh(&in[0 * 4]);
242	uint32_t B3 = load_u32_be(in, 3);	226	B1 = crypto_load_be32toh(&in[1 * 4]);
		227	B2 = crypto_load_be32toh(&in[2 * 4]);
		228	B3 = crypto_load_be32toh(&in[3 * 4]);
243		229
244	SM4_ROUNDS(31, 30, 29, 28, SM4_T_slow);	230	SM4_ROUNDS(31, 30, 29, 28, SM4_T_slow);
245	SM4_ROUNDS(27, 26, 25, 24, SM4_T);	231	SM4_ROUNDS(27, 26, 25, 24, SM4_T);
@@ -250,10 +236,10 @@ SM4_decrypt(const uint8_t in, uint8_t out, const SM4_KEY *k)
250	SM4_ROUNDS( 7, 6, 5, 4, SM4_T);	236	SM4_ROUNDS( 7, 6, 5, 4, SM4_T);
251	SM4_ROUNDS( 3, 2, 1, 0, SM4_T_slow);	237	SM4_ROUNDS( 3, 2, 1, 0, SM4_T_slow);
252		238
253	store_u32_be(B3, out);	239	crypto_store_htobe32(&out[0 * 4], B3);
254	store_u32_be(B2, out + 4);	240	crypto_store_htobe32(&out[1 * 4], B2);
255	store_u32_be(B1, out + 8);	241	crypto_store_htobe32(&out[2 * 4], B1);
256	store_u32_be(B0, out + 12);	242	crypto_store_htobe32(&out[3 * 4], B0);
257	}	243	}
258	LCRYPTO_ALIAS(SM4_decrypt);	244	LCRYPTO_ALIAS(SM4_decrypt);
259		245