wolfcrypt/src/sha512.c: in Sha512FinalRaw() and wc_Sha384FinalRaw(), …

…refactor out the scratch digest -- ByteReverseWords64() is safe in-place, and the scratch digest caused a SEGV in the XMEMCPY() on AVX512-capable targets built with gcc -march=native unless XALIGN(64), due to gcc bug(s).
wolfSSL · Jan 3, 2025 · 810a46c · 810a46c
1 parent 71b7d0c
commit 810a46c
Showing 1 changed file with 6 additions and 16 deletions.
diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c
@@ -1402,22 +1402,17 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
 
 static int Sha512FinalRaw(wc_Sha512* sha512, byte* hash, size_t digestSz)
 {
-#ifdef LITTLE_ENDIAN_ORDER
-    word64 digest[WC_SHA512_DIGEST_SIZE / sizeof(word64)];
-#endif
-
     if (sha512 == NULL || hash == NULL) {
         return BAD_FUNC_ARG;
     }
 
 #ifdef LITTLE_ENDIAN_ORDER
-    ByteReverseWords64((word64*)digest, (word64*)sha512->digest,
+    ByteReverseWords64((word64*)sha512->digest, (word64*)sha512->digest,
                                                          WC_SHA512_DIGEST_SIZE);
-    XMEMCPY(hash, digest, digestSz);
-#else
-    XMEMCPY(hash, sha512->digest, digestSz);
 #endif
 
+    XMEMCPY(hash, sha512->digest, digestSz);
+
     return 0;
 }
 
@@ -1807,22 +1802,17 @@ int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
 
 int wc_Sha384FinalRaw(wc_Sha384* sha384, byte* hash)
 {
-#ifdef LITTLE_ENDIAN_ORDER
-    word64 digest[WC_SHA384_DIGEST_SIZE / sizeof(word64)];
-#endif
-
     if (sha384 == NULL || hash == NULL) {
         return BAD_FUNC_ARG;
     }
 
 #ifdef LITTLE_ENDIAN_ORDER
-    ByteReverseWords64((word64*)digest, (word64*)sha384->digest,
+    ByteReverseWords64((word64*)sha384->digest, (word64*)sha384->digest,
                                                          WC_SHA384_DIGEST_SIZE);
-    XMEMCPY(hash, digest, WC_SHA384_DIGEST_SIZE);
-#else
-    XMEMCPY(hash, sha384->digest, WC_SHA384_DIGEST_SIZE);
 #endif
 
+    XMEMCPY(hash, sha384->digest, WC_SHA384_DIGEST_SIZE);
+
     return 0;
 }