From 00c5dccae0302d307eb07ee5cff61bf972944de6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niels=20M=C3=B6ller?= Date: Sat, 3 May 2014 09:52:23 +0200 Subject: [PATCH] Avoid >= 32 bit shifts when size_t is only 32 bits. --- ChangeLog | 4 ++++ ccm.c | 17 ++++++++++------- configure.ac | 1 + 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index de6cacc0..7cdf88d8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2014-05-03 Niels Möller + * configure.ac: Check for SIZEOF_SIZE_T. + * ccm.c (ccm_set_nonce): Skip code for 64-bit encoding when size_t + is only 32 bits. + * nettle.texinfo (CCM): Document new ccm macros and constants. Describe ccm restrictions. diff --git a/ccm.c b/ccm.c index 5ca6e054..c5ff7908 100644 --- a/ccm.c +++ b/ccm.c @@ -135,6 +135,7 @@ ccm_set_nonce(struct ccm_ctx *ctx, const void *cipher, nettle_cipher_func *f, /* Encrypt B0 (with the adata flag), and input L(a) to the CBC-MAC. */ ctx->tag.b[CCM_OFFSET_FLAGS] |= CCM_FLAG_ADATA; f(cipher, CCM_BLOCK_SIZE, ctx->tag.b, ctx->tag.b); +#if SIZEOF_SIZE_T > 4 if (authlen >= (0x01ULL << 32)) { /* Encode L(a) as 0xff || 0xff || <64-bit integer> */ ctx->tag.b[ctx->blength++] ^= 0xff; @@ -146,13 +147,15 @@ ccm_set_nonce(struct ccm_ctx *ctx, const void *cipher, nettle_cipher_func *f, ctx->tag.b[ctx->blength++] ^= (authlen >> 24) & 0xff; ctx->tag.b[ctx->blength++] ^= (authlen >> 16) & 0xff; } - else if (authlen >= ((0x1ULL << 16) - (0x1ULL << 8))) { - /* Encode L(a) as 0xff || 0xfe || <32-bit integer> */ - ctx->tag.b[ctx->blength++] ^= 0xff; - ctx->tag.b[ctx->blength++] ^= 0xfe; - ctx->tag.b[ctx->blength++] ^= (authlen >> 24) & 0xff; - ctx->tag.b[ctx->blength++] ^= (authlen >> 16) & 0xff; - } + else +#endif + if (authlen >= ((0x1ULL << 16) - (0x1ULL << 8))) { + /* Encode L(a) as 0xff || 0xfe || <32-bit integer> */ + ctx->tag.b[ctx->blength++] ^= 0xff; + ctx->tag.b[ctx->blength++] ^= 0xfe; + ctx->tag.b[ctx->blength++] ^= (authlen >> 24) & 0xff; + ctx->tag.b[ctx->blength++] ^= (authlen >> 16) & 0xff; + } ctx->tag.b[ctx->blength++] ^= (authlen >> 8) & 0xff; ctx->tag.b[ctx->blength++] ^= (authlen >> 0) & 0xff; } diff --git a/configure.ac b/configure.ac index 81c9c8d9..4aac1812 100644 --- a/configure.ac +++ b/configure.ac @@ -630,6 +630,7 @@ AC_TYPE_UID_T AC_TYPE_SIZE_T AC_HEADER_TIME AC_CHECK_SIZEOF(long) +AC_CHECK_SIZEOF(size_t) AC_CHECK_HEADERS([openssl/blowfish.h openssl/des.h openssl/cast.h openssl/aes.h openssl/ecdsa.h],, [enable_openssl=no -- GitLab