[PATCH 2/3] gostr3411_94: set better burn stack depth estimate

Jussi Kivilinna jussi.kivilinna at iki.fi
Thu Sep 19 13:47:59 CEST 2013


* cipher/gost28147.c (_gcry_gost_enc_one): Account function stack to
burn stack depth.
* cipher/gostr3411-94.c (max): New macro.
(do_hash_step, transform): Return stack burn depth.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 cipher/gost28147.c    |    2 +-
 cipher/gostr3411-94.c |   19 ++++++++++++++-----
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/cipher/gost28147.c b/cipher/gost28147.c
index 862e7d6..c669148 100644
--- a/cipher/gost28147.c
+++ b/cipher/gost28147.c
@@ -168,7 +168,7 @@ unsigned int _gcry_gost_enc_one (GOST28147_context *c, const byte *key,
     byte *out, byte *in)
 {
   gost_setkey (c, key, 32);
-  return gost_encrypt_block (c, out, in);
+  return gost_encrypt_block (c, out, in) + 5 * sizeof(void *);
 }
 
 static unsigned int
diff --git a/cipher/gostr3411-94.c b/cipher/gostr3411-94.c
index bfd52bd..368fc01 100644
--- a/cipher/gostr3411-94.c
+++ b/cipher/gostr3411-94.c
@@ -30,6 +30,8 @@
 
 #include "gost.h"
 
+#define max(a, b) (((a) > (b)) ? (a) : (b))
+
 typedef struct {
   gcry_md_block_ctx_t bctx;
   GOST28147_context hd;
@@ -148,11 +150,12 @@ do_add (unsigned char *s, unsigned char *a)
     }
 }
 
-static void
+static unsigned int
 do_hash_step (GOST28147_context *hd, unsigned char *h, unsigned char *m)
 {
   unsigned char u[32], v[32], s[32];
   unsigned char k[32];
+  unsigned int burn;
   int i;
 
   memcpy (u, h, 32);
@@ -161,7 +164,7 @@ do_hash_step (GOST28147_context *hd, unsigned char *h, unsigned char *m)
   for (i = 0; i < 4; i++) {
     do_p (k, u, v);
 
-    _gcry_gost_enc_one (hd, k, s + i*8, h + i*8);
+    burn = _gcry_gost_enc_one (hd, k, s + i*8, h + i*8);
 
     do_a (u);
     if (i == 1)
@@ -198,6 +201,12 @@ do_hash_step (GOST28147_context *hd, unsigned char *h, unsigned char *m)
 
   memcpy (h, s+20, 12);
   memcpy (h+12, s, 20);
+
+  return /* burn_stack */ 4 * sizeof(void*) /* func call (ret addr + args) */ +
+                          4 * 32 + 2 * sizeof(int) /* stack */ +
+                          max(burn /* _gcry_gost_enc_one */,
+                              sizeof(void*) * 2 /* do_a2 call */ +
+                              16 + sizeof(int) /* do_a2 stack */ );
 }
 
 
@@ -206,13 +215,13 @@ transform (void *ctx, const unsigned char *data)
 {
   GOSTR3411_CONTEXT *hd = ctx;
   byte m[32];
+  unsigned int burn;
 
   memcpy (m, data, 32);
-  do_hash_step (&hd->hd, hd->h, m);
+  burn = do_hash_step (&hd->hd, hd->h, m);
   do_add (hd->sigma, m);
 
-/* FIXME: Fix this arbitrary value for the stack_burn size.  -wk */
-  return /* stack_burn */ 200;
+  return /* burn_stack */ burn + 3 * sizeof(void*) + 32 + 2 * sizeof(void*);
 }
 
 /*




More information about the Gcrypt-devel mailing list