
keccak: guard against misaligned memory accesses on ARM
The code generated is exactly the same as the direct access
one on x86_64
moneromooo-monero committed Jul 4, 2019
1 parent 2af1ea5 commit 200e53c
Showing 2 changed files with 23 additions and 3 deletions.
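--- a/src/crypto/keccak.c
+++ b/src/crypto/keccak.c
@@ -105,9 +105,12 @@ void keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen)
 memset(st, 0, sizeof(st));
 
 for ( ; inlen >= rsiz; inlen -= rsiz, in += rsiz) {
-for (i = 0; i < rsizw; i++)
-st[i] ^= swap64le(((uint64_t *) in)[i]);
-keccakf(st, KECCAK_ROUNDS);
+for (i = 0; i < rsizw; i++) {
+uint64_t ina;
+memcpy(&ina, in + i * 8, 8);
+st[i] ^= swap64le(ina);
+}
+keccakf(st, KECCAK_ROUNDS);
 }
 
 // last block and padding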
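Review bot: The lane width is hard-coded twice on the new `memcpy(&ina, in + i * 8, 8);` line; tying both to the lane type, `memcpy(&ina, in + i * sizeof ina, sizeof ina);`, keeps the stride and the copy length from drifting apart and documents that each absorbed lane is one 64-bit word. Replacing the `(uint64_t *) in` cast with memcpy is the right fix for both the alignment and the strict-aliasing undefined behaviour of the old read, and mainstream compilers fold the 8-byte memcpy into a single load, consistent with the commit message's x86_64 claim. The keccak function continues past the hunk into the last-block/padding path, so whether that path still contains a direct 64-bit access cannot be seen here and is worth confirming in the same review.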
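--- a/tests/unit_tests/keccak.cpp
+++ b/tests/unit_tests/keccak.cpp
@@ -148,3 +148,20 @@ TEST(keccak, 137_and_1_136)
 TEST_KECCAK(137, chunks);
 }
 
+TEST(keccak, alignment)
+{
+uint8_t data[6064];
+__attribute__ ((aligned(16))) char adata[6000];
+
+for (size_t i = 0; i < sizeof(data) / sizeof(data[0]); ++i)
+data[i] = i & 1;
+
+uint8_t md[32], amd[32];
+for (int offset = 0; offset < 64; ++offset)
+{
+memcpy(adata, data + offset, 6000);
+keccak((const uint8_t*)&data[offset], 6000, md, 32);
+keccak((const uint8_t*)adata, 6000, amd, 32);
+ASSERT_TRUE(!memcmp(md, amd, 32));
+}
+}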
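Review bot: On x86_64 the new `alignment` test passes with or without the keccak.c fix, because a misaligned 64-bit load there neither faults nor, in practice, changes the digest; the regression it guards against only surfaces on strict-alignment targets or under `-fsanitize=alignment`, so a comment stating that would stop a future reader from assuming the default CI run exercises it, e.g. `// Misaligned input only misbehaves on strict-alignment targets (ARM) or under UBSan's alignment check; x86_64 tolerates it.` The `__attribute__ ((aligned(16)))` on adata is compiler-specific, and since this is a C++ test the portable spelling is `alignas(16) char adata[6000];`. The sizes `6064`, `6000` and `64` are related by `6000 + 64 <= 6064`, which keeps `data + offset` in bounds, but that relation is implicit; naming them as constants would make the bound visible at the loop.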
