- cipher/salsa20.c (selftest): Ensure 16-byte alignment for salsa20

context structure.

- mpi/longlong.h: Fix build on sparc.

PR:		206919
Approved by:	junovitch (mentor)

4 files changed, 90 insertions, 28 deletions

diff --git a/security/libgcrypt/Makefile b/security/libgcrypt/Makefile
index fbba1da54f11..c79c5d55a52c 100644
--- a/security/libgcrypt/Makefile
+++ b/security/libgcrypt/Makefile
@@ -2,6 +2,7 @@
 
 PORTNAME=	libgcrypt
 PORTVERSION=	1.6.5
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	GNUPG
 
@@ -40,11 +41,6 @@ post-patch:
 	${RM} -f ${WRKSRC}/doc/gcrypt.info*
 	${REINPLACE_CMD} -e 's|ALIGN (3)|ALIGN (2)|g' ${WRKSRC}/mpi/i386/*.S
 
-# Fix crash at cipher/salsa20.c module on amd64
-.if ${ARCH} == "amd64" && exists(/usr/bin/clang)
-CFLAGS:=	${CFLAGS:N-O*} -O2
-.endif
-
 post-install:
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}.so
 
diff --git a/security/libgcrypt/files/patch-cipher-Makefile.in b/security/libgcrypt/files/patch-cipher-Makefile.in
deleted file mode 100644
index 2862e3746666..000000000000
--- a/security/libgcrypt/files/patch-cipher-Makefile.in
+++ /dev/null
@@ -1,23 +0,0 @@
---- cipher/Makefile.in.orig	2015-09-08 06:32:11 UTC
-+++ cipher/Makefile.in
-@@ -818,13 +818,19 @@ uninstall-am:
- 	tags tags-am uninstall uninstall-am
- 
- 
--# We need to lower the optimization for this module.
-+# We need to lower the optimization for these modules.
- tiger.o: $(srcdir)/tiger.c
- 	`echo $(COMPILE) -c $(srcdir)/tiger.c | $(o_flag_munging) `
- 
- tiger.lo: $(srcdir)/tiger.c
- 	`echo $(LTCOMPILE) -c $(srcdir)/tiger.c | $(o_flag_munging) `
- 
-+salsa20.o: $(srcdir)/salsa20.c
-+	`echo $(COMPILE) -c $(srcdir)/salsa20.c | $(o_flag_munging) `
-+
-+salsa20.lo: $(srcdir)/salsa20.c
-+	`echo $(LTCOMPILE) -c $(srcdir)/salsa20.c | $(o_flag_munging) `
-+
- # Tell versions [3.59,3.63) of GNU make to not export all variables.
- # Otherwise a system limit (for SysV at least) may be exceeded.
- .NOEXPORT:
diff --git a/security/libgcrypt/files/patch-cipher_salsa20.c b/security/libgcrypt/files/patch-cipher_salsa20.c
new file mode 100644
index 000000000000..97cbfa8bd605
--- /dev/null
+++ b/security/libgcrypt/files/patch-cipher_salsa20.c
@@ -0,0 +1,62 @@
+--- cipher/salsa20.c.orig	2016-03-23 16:34:00 UTC
++++ cipher/salsa20.c
+@@ -485,7 +485,8 @@ salsa20r12_encrypt_stream (void *context
+ static const char*
+ selftest (void)
+ {
+-  SALSA20_context_t ctx;
++  byte ctxbuf[sizeof(SALSA20_context_t) + 15];
++  SALSA20_context_t *ctx;
+   byte scratch[8+1];
+   byte buf[256+64+4];
+   int i;
+@@ -502,32 +503,35 @@ selftest (void)
+   static const byte ciphertext_1[] =
+     { 0xE3, 0xBE, 0x8F, 0xDD, 0x8B, 0xEC, 0xA2, 0xE3};
+ 
+-  salsa20_setkey (&ctx, key_1, sizeof key_1);
+-  salsa20_setiv  (&ctx, nonce_1, sizeof nonce_1);
++  /* 16-byte alignment required for amd64 implementation. */
++  ctx = (SALSA20_context_t *)((uintptr_t)(ctxbuf + 15) & ~(uintptr_t)15);
++
++  salsa20_setkey (ctx, key_1, sizeof key_1);
++  salsa20_setiv  (ctx, nonce_1, sizeof nonce_1);
+   scratch[8] = 0;
+-  salsa20_encrypt_stream (&ctx, scratch, plaintext_1, sizeof plaintext_1);
++  salsa20_encrypt_stream (ctx, scratch, plaintext_1, sizeof plaintext_1);
+   if (memcmp (scratch, ciphertext_1, sizeof ciphertext_1))
+     return "Salsa20 encryption test 1 failed.";
+   if (scratch[8])
+     return "Salsa20 wrote too much.";
+-  salsa20_setkey( &ctx, key_1, sizeof(key_1));
+-  salsa20_setiv  (&ctx, nonce_1, sizeof nonce_1);
+-  salsa20_encrypt_stream (&ctx, scratch, scratch, sizeof plaintext_1);
++  salsa20_setkey( ctx, key_1, sizeof(key_1));
++  salsa20_setiv  (ctx, nonce_1, sizeof nonce_1);
++  salsa20_encrypt_stream (ctx, scratch, scratch, sizeof plaintext_1);
+   if (memcmp (scratch, plaintext_1, sizeof plaintext_1))
+     return "Salsa20 decryption test 1 failed.";
+ 
+   for (i = 0; i < sizeof buf; i++)
+     buf[i] = i;
+-  salsa20_setkey (&ctx, key_1, sizeof key_1);
+-  salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
++  salsa20_setkey (ctx, key_1, sizeof key_1);
++  salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
+   /*encrypt*/
+-  salsa20_encrypt_stream (&ctx, buf, buf, sizeof buf);
++  salsa20_encrypt_stream (ctx, buf, buf, sizeof buf);
+   /*decrypt*/
+-  salsa20_setkey (&ctx, key_1, sizeof key_1);
+-  salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
+-  salsa20_encrypt_stream (&ctx, buf, buf, 1);
+-  salsa20_encrypt_stream (&ctx, buf+1, buf+1, (sizeof buf)-1-1);
+-  salsa20_encrypt_stream (&ctx, buf+(sizeof buf)-1, buf+(sizeof buf)-1, 1);
++  salsa20_setkey (ctx, key_1, sizeof key_1);
++  salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
++  salsa20_encrypt_stream (ctx, buf, buf, 1);
++  salsa20_encrypt_stream (ctx, buf+1, buf+1, (sizeof buf)-1-1);
++  salsa20_encrypt_stream (ctx, buf+(sizeof buf)-1, buf+(sizeof buf)-1, 1);
+   for (i = 0; i < sizeof buf; i++)
+     if (buf[i] != (byte)i)
+       return "Salsa20 encryption test 2 failed.";
diff --git a/security/libgcrypt/files/patch-mpi_longlong.h b/security/libgcrypt/files/patch-mpi_longlong.h
new file mode 100644
index 000000000000..8ad882b895d0
--- /dev/null
+++ b/security/libgcrypt/files/patch-mpi_longlong.h
@@ -0,0 +1,27 @@
+--- mpi/longlong.h.orig	2016-03-23 17:33:08 UTC
++++ mpi/longlong.h
+@@ -170,6 +170,7 @@ MA 02111-1307, USA. */
+     (pl) = __m0 * __m1; 						\
+   } while (0)
+ #define UMUL_TIME 46
++#if 0
+ #ifndef LONGLONG_STANDALONE
+ #define udiv_qrnnd(q, r, n1, n0, d) \
+   do { UDItype __r;							\
+@@ -179,6 +180,7 @@ MA 02111-1307, USA. */
+ extern UDItype __udiv_qrnnd ();
+ #define UDIV_TIME 220
+ #endif /* LONGLONG_STANDALONE */
++#endif /* 0 */
+ #endif /* __alpha */
+ 
+ /***************************************
+@@ -1287,7 +1289,7 @@ typedef unsigned int UTItype __attribute
+ 	     "rJ" ((USItype)(al)),                                      \
+ 	     "rI" ((USItype)(bl))                                       \
+ 	   __CLOBBER_CC)
+-#if defined (__sparc_v8__) || defined(__sparcv8)
++#if defined (__sparc_v8__) || defined(__sparcv8) || defined (__sparc__)
+ /* Don't match immediate range because, 1) it is not often useful,
+    2) the 'I' flag thinks of the range as a 13 bit signed interval,
+    while we want to match a 13 bit interval, sign extended to 32 bits,