diff options
| author |   tobhe <tobhe@openbsd.org> | 2020-12-30 14:13:28 +0000 |
|---|---|---|
| committer | tobhe <tobhe@openbsd.org> | 2020-12-30 14:13:28 +0000 |
| commit | 89781a83149a2df66baed35a89417e17aff60cb1 (patch) | |
| tree | dced416496bd2acd82d6c075f7e1096f22e579e8 | |
| parent | Make the list of supported protocols more prominent (diff) | |
| download | wireguard-openbsd-89781a83149a2df66baed35a89417e17aff60cb1.tar.xz wireguard-openbsd-89781a83149a2df66baed35a89417e17aff60cb1.zip | |
Use int64_t for intermediate values in int32_MINMAX to prevent signed
32-bit integer overflow.
Found by and ok djm@
ok markus@
| -rw-r--r-- | usr.bin/ssh/int32_minmax.inc | 20 | ||||
| -rw-r--r-- | usr.bin/ssh/sntrup761.c | 15 | ||||
| -rw-r--r-- | usr.bin/ssh/sntrup761.sh | 4 |
3 files changed, 24 insertions, 15 deletions
diff --git a/usr.bin/ssh/int32_minmax.inc b/usr.bin/ssh/int32_minmax.inc new file mode 100644 index 00000000000..2f6ff519518 --- /dev/null +++ b/usr.bin/ssh/int32_minmax.inc @@ -0,0 +1,20 @@ +/* $OpenBSD: int32_minmax.inc,v 1.1 2020/12/30 14:13:28 tobhe Exp $ */ + +/* + * Public Domain, Authors: + * - Daniel J. Bernstein + * - Chitchanok Chuengsatiansup + * - Tanja Lange + * - Christine van Vredendaal + */ + +#define int32_MINMAX(a,b) \ +do { \ + int64_t ab = (int64_t)b ^ (int64_t)a; \ + int64_t c = (int64_t)b - (int64_t)a; \ + c ^= ab & (c ^ b); \ + c >>= 31; \ + c &= ab; \ + a ^= c; \ + b ^= c; \ +} while(0) diff --git a/usr.bin/ssh/sntrup761.c b/usr.bin/ssh/sntrup761.c index b95d3062486..61f6bb353c9 100644 --- a/usr.bin/ssh/sntrup761.c +++ b/usr.bin/ssh/sntrup761.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sntrup761.c,v 1.1 2020/12/29 00:59:15 djm Exp $ */ +/* $OpenBSD: sntrup761.c,v 1.2 2020/12/30 14:13:28 tobhe Exp $ */ /* * Public Domain, Authors: @@ -10,21 +10,10 @@ #include <string.h> #include "crypto_api.h" +#include "int32_minmax.inc" #define CRYPTO_NAMESPACE(s) s -/* from supercop-20201130/crypto_sort/int32/portable4/int32_minmax.inc */ -#define int32_MINMAX(a,b) \ -do { \ - int32 ab = b ^ a; \ - int32 c = b - a; \ - c ^= ab & (c ^ b); \ - c >>= 31; \ - c &= ab; \ - a ^= c; \ - b ^= c; \ -} while(0) - /* from supercop-20201130/crypto_sort/int32/portable4/sort.c */ #define int32 crypto_int32 diff --git a/usr.bin/ssh/sntrup761.sh b/usr.bin/ssh/sntrup761.sh index 7fa9e324904..5ddea77a05a 100644 --- a/usr.bin/ssh/sntrup761.sh +++ b/usr.bin/ssh/sntrup761.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: sntrup761.sh,v 1.1 2020/12/29 00:59:15 djm Exp $ +# $OpenBSD: sntrup761.sh,v 1.2 2020/12/30 14:13:28 tobhe Exp $ # Placed in the Public Domain. # AUTHOR="supercop-20201130/crypto_kem/sntrup761/ref/implementors" @@ -21,7 +21,6 @@ FILES=" supercop-20201130/crypto_kem/sntrup761/ref/kem.c " SORT_I32=" - supercop-20201130/crypto_sort/int32/portable4/int32_minmax.inc supercop-20201130/crypto_sort/int32/portable4/sort.c " SORT_U32="supercop-20201130/crypto_sort/uint32/useint32/sort.c" @@ -39,6 +38,7 @@ echo ' */' echo echo '#include <string.h>' echo '#include "crypto_api.h"' +echo '#include "int32_minmax.inc"' echo echo '#define CRYPTO_NAMESPACE(s) s' echo |