diff options
Diffstat (limited to 'debian/patches/big-endian-random2.diff')
| -rw-r--r-- | debian/patches/big-endian-random2.diff | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/debian/patches/big-endian-random2.diff b/debian/patches/big-endian-random2.diff new file mode 100644 index 00000000..12893c9a --- /dev/null +++ b/debian/patches/big-endian-random2.diff @@ -0,0 +1,90 @@ +From: Benjamin Barenblat <bbaren@google.com> +Subject: Make randen_slow endian-correct +Forwarded: yes +Applied-Upstream: https://github.com/abseil/abseil-cpp/commit/33541e751039a8c4bd3a395dd1a3a0928885814a + +Pay attention to the platform endianness when pulling bytes out of each +AES block, and use platform-endian round keys. + +The author works at Google. Upstream applied this patch as Piper +revision 383878281 and exported it to GitHub; the Applied-Upstream URL +above points to the exported commit. + +--- a/absl/random/internal/BUILD.bazel ++++ b/absl/random/internal/BUILD.bazel +@@ -296,6 +296,7 @@ + ":platform", + "//absl/base:config", + "//absl/base:core_headers", ++ "//absl/base:endian", + "//absl/numeric:int128", + ], + ) +--- a/absl/random/internal/randen_slow.cc ++++ b/absl/random/internal/randen_slow.cc +@@ -19,6 +19,7 @@ + #include <cstring> + + #include "absl/base/attributes.h" ++#include "absl/base/internal/endian.h" + #include "absl/numeric/int128.h" + #include "absl/random/internal/platform.h" + #include "absl/random/internal/randen_traits.h" +@@ -40,7 +41,7 @@ + + // AES portions based on rijndael-alg-fst.c, + // https://fastcrypto.org/front/misc/rijndael-alg-fst.c, and modified for +-// little-endianness. ++// platform-endianness. + // + // Implementation of + // http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf +@@ -251,6 +252,7 @@ + inline ABSL_RANDOM_INTERNAL_ATTRIBUTE_ALWAYS_INLINE Vector128 + AesRound(const Vector128& state, const Vector128& round_key) { + Vector128 result; ++#ifdef ABSL_IS_LITTLE_ENDIAN + result.s[0] = round_key.s[0] ^ // + te0[uint8_t(state.s[0])] ^ // + te1[uint8_t(state.s[1] >> 8)] ^ // +@@ -271,6 +273,28 @@ + te1[uint8_t(state.s[0] >> 8)] ^ // + te2[uint8_t(state.s[1] >> 16)] ^ // + te3[uint8_t(state.s[2] >> 24)]; ++#else ++ result.s[0] = round_key.s[0] ^ // ++ te0[uint8_t(state.s[0])] ^ // ++ te1[uint8_t(state.s[3] >> 8)] ^ // ++ te2[uint8_t(state.s[2] >> 16)] ^ // ++ te3[uint8_t(state.s[1] >> 24)]; ++ result.s[1] = round_key.s[1] ^ // ++ te0[uint8_t(state.s[1])] ^ // ++ te1[uint8_t(state.s[0] >> 8)] ^ // ++ te2[uint8_t(state.s[3] >> 16)] ^ // ++ te3[uint8_t(state.s[2] >> 24)]; ++ result.s[2] = round_key.s[2] ^ // ++ te0[uint8_t(state.s[2])] ^ // ++ te1[uint8_t(state.s[1] >> 8)] ^ // ++ te2[uint8_t(state.s[0] >> 16)] ^ // ++ te3[uint8_t(state.s[3] >> 24)]; ++ result.s[3] = round_key.s[3] ^ // ++ te0[uint8_t(state.s[3])] ^ // ++ te1[uint8_t(state.s[2] >> 8)] ^ // ++ te2[uint8_t(state.s[1] >> 16)] ^ // ++ te3[uint8_t(state.s[0] >> 24)]; ++#endif + return result; + } + +@@ -380,7 +404,11 @@ + const void* RandenSlow::GetKeys() { + // Round keys for one AES per Feistel round and branch. + // The canonical implementation uses first digits of Pi. ++#ifdef ABSL_IS_LITTLE_ENDIAN + return kRandenRoundKeys; ++#else ++ return kRandenRoundKeysBE; ++#endif + } + + void RandenSlow::Absorb(const void* seed_void, void* state_void) { |