|
 |
a9a466 |
commit 0238eb8f3612515f4374381b593dd79116169330
|
|
|
a9a466 |
Author: John Dennis <jdennis@redhat.com>
|
|
|
a9a466 |
Date: Thu Aug 2 16:21:33 2018 -0400
|
|
|
a9a466 |
|
|
|
a9a466 |
fix concatkdf failures on big endian architectures
|
|
|
a9a466 |
|
|
|
a9a466 |
Several of the elements used to compute the digest in ECDH-ES key
|
|
|
a9a466 |
agreement computation are represented in binary form as a 32-bit
|
|
|
a9a466 |
integer length followed by that number of octets. the length
|
|
|
a9a466 |
field. The 32-bit length integer is represented in big endian
|
|
|
a9a466 |
format (the 8 most significant bits are in the first octet.).
|
|
|
a9a466 |
|
|
|
a9a466 |
The conversion to a 4 byte big endian integer was being computed
|
|
|
a9a466 |
in a manner that only worked on little endian architectures. The
|
|
|
a9a466 |
function htonl() returns a 32-bit integer whose octet sequence given
|
|
|
a9a466 |
the address of the integer is big endian. There is no need for any
|
|
|
a9a466 |
further manipulation.
|
|
|
a9a466 |
|
|
|
a9a466 |
The existing code used bit shifting on a 32-bit value. In C bit
|
|
|
a9a466 |
shifting is endian agnostic for multi-octet values, a right shift
|
|
|
a9a466 |
moves most significant bits toward least significant bits. The result
|
|
|
a9a466 |
of a bit shift of a multi-octet value on either big or little
|
|
|
a9a466 |
archictures will always be the same provided you "view" it as the same
|
|
|
a9a466 |
data type (e.g. 32-bit integer). But indexing the octets of that
|
|
|
a9a466 |
mulit-octet value will be different depending on endianness, hence the
|
|
|
a9a466 |
assembled octets differed depending on endianness.
|
|
|
a9a466 |
|
|
|
a9a466 |
Issue: #77
|
|
|
a9a466 |
Signed-off-by: John Dennis <jdennis@redhat.com>
|
|
|
a9a466 |
|
|
|
a9a466 |
diff --git a/src/concatkdf.c b/src/concatkdf.c
|
|
|
a9a466 |
index ec064ab..59b845a 100644
|
|
|
a9a466 |
--- a/src/concatkdf.c
|
|
|
a9a466 |
+++ b/src/concatkdf.c
|
|
|
a9a466 |
@@ -29,15 +29,9 @@
|
|
|
a9a466 |
////////////////////////////////////////////////////////////////////////////////
|
|
|
a9a466 |
static uint8_t *_apply_uint32(const uint32_t value, uint8_t *buffer)
|
|
|
a9a466 |
{
|
|
|
a9a466 |
- const uint32_t formatted = htonl(value);
|
|
|
a9a466 |
- const uint8_t data[4] = {
|
|
|
a9a466 |
- (formatted >> 0) & 0xff,
|
|
|
a9a466 |
- (formatted >> 8) & 0xff,
|
|
|
a9a466 |
- (formatted >> 16) & 0xff,
|
|
|
a9a466 |
- (formatted >> 24) & 0xff
|
|
|
a9a466 |
- };
|
|
|
a9a466 |
- memcpy(buffer, data, 4);
|
|
|
a9a466 |
+ const uint32_t big_endian_int32 = htonl(value);
|
|
|
a9a466 |
|
|
|
a9a466 |
+ memcpy(buffer, &big_endian_int32, 4);
|
|
|
a9a466 |
return buffer + 4;
|
|
|
a9a466 |
}
|
|
|
a9a466 |
|
|
|
a9a466 |
diff --git a/test/check_concatkdf.c b/test/check_concatkdf.c
|
|
|
a9a466 |
index e4325fc..41d0f1c 100644
|
|
|
a9a466 |
--- a/test/check_concatkdf.c
|
|
|
a9a466 |
+++ b/test/check_concatkdf.c
|
|
|
a9a466 |
@@ -60,14 +60,9 @@ _create_otherinfo_header_finish:
|
|
|
a9a466 |
|
|
|
a9a466 |
static bool _cmp_uint32(uint8_t **actual, uint32_t expected)
|
|
|
a9a466 |
{
|
|
|
a9a466 |
- uint32_t value = htonl(expected);
|
|
|
a9a466 |
- uint8_t expectedData[] = {
|
|
|
a9a466 |
- (value >> 0) & 0xff,
|
|
|
a9a466 |
- (value >> 8) & 0xff,
|
|
|
a9a466 |
- (value >> 16) & 0xff,
|
|
|
a9a466 |
- (value >> 24) & 0xff
|
|
|
a9a466 |
- };
|
|
|
a9a466 |
- bool result = (0 == memcmp(*actual, expectedData, 4));
|
|
|
a9a466 |
+ uint32_t big_endian_int32 = htonl(expected);
|
|
|
a9a466 |
+
|
|
|
a9a466 |
+ bool result = (0 == memcmp(*actual, &big_endian_int32, 4));
|
|
|
a9a466 |
(*actual) += 4;
|
|
|
a9a466 |
return result;
|
|
|
a9a466 |
}
|