From c71980a843c7b8599cba6a654ec43a9ea271ae4d Mon Sep 17 00:00:00 2001
From: millert <>
Date: Thu, 29 Apr 2004 14:13:17 +0000
Subject: [PATCH] The data pointer passed to the transform function may not be
 properly aligned so copy it in a way that a) is endian indepenent and b) does
 not rely on alignment.  Problem found and solution tested by hshoexer@

---
 src/lib/libc/hash/sha2.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/src/lib/libc/hash/sha2.c b/src/lib/libc/hash/sha2.c
index e414c7b9..2c240d05 100644
--- a/src/lib/libc/hash/sha2.c
+++ b/src/lib/libc/hash/sha2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sha2.c,v 1.3 2004/04/28 22:06:02 millert Exp $	*/
+/*	$OpenBSD: sha2.c,v 1.4 2004/04/29 14:13:17 millert Exp $	*/
 
 /*
  * FILE:	sha2.c
@@ -35,7 +35,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static const char rcsid[] = "$OpenBSD: sha2.c,v 1.3 2004/04/28 22:06:02 millert Exp $";
+static const char rcsid[] = "$OpenBSD: sha2.c,v 1.4 2004/04/29 14:13:17 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -688,15 +688,13 @@ SHA512_Transform(SHA512_CTX *context, const u_int64_t *data) {
 
 	j = 0;
 	do {
-#if BYTE_ORDER == LITTLE_ENDIAN
-		/* Convert TO host byte order */
-		REVERSE64(*data++, W512[j]);
+		W512[j] = (u_int64_t)data[7] | ((u_int64_t)data[6] << 8) |
+		    ((u_int64_t)data[5] << 16) | ((u_int64_t)data[4] << 24) |
+		    ((u_int64_t)data[3] << 32) | ((u_int64_t)data[2] << 40) |
+		    ((u_int64_t)data[1] << 48) | ((u_int64_t)data[0] << 56);
+		data++;
 		/* Apply the SHA-512 compression function to update a..h */
 		T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
-#else /* BYTE_ORDER == LITTLE_ENDIAN */
-		/* Apply the SHA-512 compression function to update a..h with copy */
-		T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++);
-#endif /* BYTE_ORDER == LITTLE_ENDIAN */
 		T2 = Sigma0_512(a) + Maj(a, b, c);
 		h = g;
 		g = f;