Temporary fix for Issue 42 and 132
parent
c8de423ab5
commit
b773052b3d
23
rijndael.cpp
23
rijndael.cpp
@ -77,7 +77,12 @@ being unloaded from L1 cache, until that round is finished.
NAMESPACE_BEGIN(CryptoPP)
NAMESPACE_BEGIN(CryptoPP)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
// Hack for https://github.com/weidai11/cryptopp/issues/42 and https://github.com/weidai11/cryptopp/issues/132
#if (CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
# define CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS 1
#endif
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
# if (CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)
# if (CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)
namespace rdtable {CRYPTOPP_ALIGN_DATA(16) word64 Te[256+2];}
namespace rdtable {CRYPTOPP_ALIGN_DATA(16) word64 Te[256+2];}
using namespace rdtable;
using namespace rdtable;
@ -110,7 +115,7 @@ static volatile bool s_TeFilled = false, s_TdFilled = false;
tempBlock[c] = ((byte *)(Te+byte(t)))[1]; t >>= 8;\
tempBlock[c] = ((byte *)(Te+byte(t)))[1]; t >>= 8;\
tempBlock[d] = ((byte *)(Te+t))[1];
tempBlock[d] = ((byte *)(Te+t))[1];
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
#define QUARTER_ROUND_LD(t, a, b, c, d) \
#define QUARTER_ROUND_LD(t, a, b, c, d) \
tempBlock[a] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\
tempBlock[a] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\
tempBlock[b] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\
tempBlock[b] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\
@ -130,7 +135,7 @@ static volatile bool s_TeFilled = false, s_TdFilled = false;
#ifdef IS_LITTLE_ENDIAN
#ifdef IS_LITTLE_ENDIAN
#define QUARTER_ROUND_FE(t, a, b, c, d) QUARTER_ROUND(TL_F, Te, t, d, c, b, a)
#define QUARTER_ROUND_FE(t, a, b, c, d) QUARTER_ROUND(TL_F, Te, t, d, c, b, a)
#define QUARTER_ROUND_FD(t, a, b, c, d) QUARTER_ROUND(TL_F, Td, t, d, c, b, a)
#define QUARTER_ROUND_FD(t, a, b, c, d) QUARTER_ROUND(TL_F, Td, t, d, c, b, a)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
#define TL_F(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (6-i)%4+1))
#define TL_F(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (6-i)%4+1))
#define TL_M(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (i+3)%4+1))
#define TL_M(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (i+3)%4+1))
#else
#else
@ -140,7 +145,7 @@ static volatile bool s_TeFilled = false, s_TdFilled = false;
#else
#else
#define QUARTER_ROUND_FE(t, a, b, c, d) QUARTER_ROUND(TL_F, Te, t, a, b, c, d)
#define QUARTER_ROUND_FE(t, a, b, c, d) QUARTER_ROUND(TL_F, Te, t, a, b, c, d)
#define QUARTER_ROUND_FD(t, a, b, c, d) QUARTER_ROUND(TL_F, Td, t, a, b, c, d)
#define QUARTER_ROUND_FD(t, a, b, c, d) QUARTER_ROUND(TL_F, Td, t, a, b, c, d)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
#define TL_F(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (4-i)%4))
#define TL_F(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (4-i)%4))
#define TL_M TL_F
#define TL_M TL_F
#else
#else
@ -165,7 +170,7 @@ void Rijndael::Base::FillEncTable()
for (int i=0; i<256; i++)
for (int i=0; i<256; i++)
{
{
byte x = Se[i];
byte x = Se[i];
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
word32 y = word32(x)<<8 | word32(x)<<16 | word32(f2(x))<<24;
word32 y = word32(x)<<8 | word32(x)<<16 | word32(f2(x))<<24;
Te[i] = word64(y | f3(x))<<32 | y;
Te[i] = word64(y | f3(x))<<32 | y;
#else
#else
@ -188,7 +193,7 @@ void Rijndael::Base::FillDecTable()
for (int i=0; i<256; i++)
for (int i=0; i<256; i++)
{
{
byte x = Sd[i];
byte x = Sd[i];
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
word32 y = word32(fd(x))<<8 | word32(f9(x))<<16 | word32(fe(x))<<24;
word32 y = word32(fd(x))<<8 | word32(f9(x))<<16 | word32(fe(x))<<24;
Td[i] = word64(y | fb(x))<<32 | y | x;
Td[i] = word64(y | fb(x))<<32 | y | x;
#else
#else
@ -387,7 +392,7 @@ void Rijndael::Enc::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock
const int cacheLineSize = GetCacheLineSize();
const int cacheLineSize = GetCacheLineSize();
unsigned int i;
unsigned int i;
word32 u = 0;
word32 u = 0;
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
for (i=0; i<2048; i+=cacheLineSize)
for (i=0; i<2048; i+=cacheLineSize)
#else
#else
for (i=0; i<1024; i+=cacheLineSize)
for (i=0; i<1024; i+=cacheLineSize)
@ -463,7 +468,7 @@ void Rijndael::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock
const int cacheLineSize = GetCacheLineSize();
const int cacheLineSize = GetCacheLineSize();
unsigned int i;
unsigned int i;
word32 u = 0;
word32 u = 0;
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
for (i=0; i<2048; i+=cacheLineSize)
for (i=0; i<2048; i+=cacheLineSize)
#else
#else
for (i=0; i<1024; i+=cacheLineSize)
for (i=0; i<1024; i+=cacheLineSize)
@ -498,7 +503,7 @@ void Rijndael::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock
rk += 8;
rk += 8;
} while (--r);
} while (--r);
#if !defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
#if !(defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS))
// timing attack countermeasure. see comments at top for more details
// timing attack countermeasure. see comments at top for more details
// If CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS is defined,
// If CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS is defined,
// QUARTER_ROUND_LD will use Td, which is already preloaded.
// QUARTER_ROUND_LD will use Td, which is already preloaded.
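Review bot: The `// Hack for ...` comment added in the first hunk (just after `NAMESPACE_BEGIN(CryptoPP)`) gives two issue links but not the invariant that `CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS` protects, so a later cleanup cannot tell when the "temporary" define is safe to drop. From the visible lines, the SSE2/MASM `# if` and the `rdtable::Te` word64 table are compiled only under the unaligned branch, and `FillEncTable`/`FillDecTable` produce the 64-bit `Te[i]`/`Td[i]` entries only there, so the define appears to force the table layout the assembly expects; I would say so, e.g. `// The SSE2/X64 MASM Rijndael code needs the 64-bit Te/Td layout that is otherwise only built under CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS; force that layout on x86/x64 so the tables and the asm agree (issues 42 and 132).` The comment in the last hunk, `// If CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS is defined,`, is now incomplete because the `#if !(...)` guard above it also covers the new macro, and should name both. It is also worth recording next to the hack that on this path the 1024-byte table preload is replaced by the 2048-byte loop in `Enc::ProcessAndXorBlock`/`Dec::ProcessAndXorBlock`, which presumably is the intended cache-timing countermeasure for the 64-bit tables rather than a loss of the mitigation; both of those functions begin and end outside the hunks shown.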