Fix sm4 iv bug

FIXME: v3.2.0
2026-06-27 15:43:42 +08:00 · 2026-06-22 16:19:11 +08:00
parent 14221eaeea
commit d5de748e45
7 changed files with 107 additions and 21 deletions
--- a/src/sm4.c
+++ b/src/sm4.c
@@ -190,9 +190,10 @@ void sm4_cbc_encrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 void sm4_cbc_decrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 	const uint8_t *in, size_t nblocks, uint8_t *out)
 {
-	const uint8_t *piv = iv;
+	uint8_t piv[16];
 	uint8_t next_iv[16];

+	memcpy(piv, iv, 16);
 	while (nblocks--) {
 		size_t i;
 		memcpy(next_iv, in, 16);
@@ -200,7 +201,7 @@ void sm4_cbc_decrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 		for (i = 0; i < 16; i++) {
 			out[i] ^= piv[i];
 		}
-		piv = next_iv;
+		memcpy(piv, next_iv, 16);
 		in += 16;
 		out += 16;
 	}
--- a/src/sm4_aesni.c
+++ b/src/sm4_aesni.c
@@ -331,15 +331,18 @@ void sm4_cbc_encrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 void sm4_cbc_decrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 	const uint8_t *in, size_t nblocks, uint8_t *out)
 {
-	const uint8_t *piv = iv;
+	uint8_t piv[16];
+	uint8_t next_iv[16];

+	memcpy(piv, iv, 16);
 	while (nblocks--) {
 		size_t i;
+		memcpy(next_iv, in, 16);
 		sm4_encrypt(key, in, out);
 		for (i = 0; i < 16; i++) {
 			out[i] ^= piv[i];
 		}
-		piv = in;
+		memcpy(piv, next_iv, 16);
 		in += 16;
 		out += 16;
 	}
@@ -444,4 +447,3 @@ int main(void)
 	return 0;
 }
 */
-
--- a/src/sm4_arm64.c
+++ b/src/sm4_arm64.c
@@ -206,15 +206,18 @@ void sm4_cbc_encrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 void sm4_cbc_decrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 	const uint8_t *in, size_t nblocks, uint8_t *out)
 {
-	const uint8_t *piv = iv;
+	uint8_t piv[16];
+	uint8_t next_iv[16];

+	memcpy(piv, iv, 16);
 	while (nblocks--) {
 		size_t i;
+		memcpy(next_iv, in, 16);
 		sm4_encrypt(key, in, out);
 		for (i = 0; i < 16; i++) {
 			out[i] ^= piv[i];
 		}
-		piv = in;
+		memcpy(piv, next_iv, 16);
 		in += 16;
 		out += 16;
 	}
--- a/src/sm4_avx2.c
+++ b/src/sm4_avx2.c
@@ -375,15 +375,18 @@ void sm4_cbc_encrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 void sm4_cbc_decrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 	const uint8_t *in, size_t nblocks, uint8_t *out)
 {
-	const uint8_t *piv = iv;
+	uint8_t piv[16];
+	uint8_t next_iv[16];

+	memcpy(piv, iv, 16);
 	while (nblocks--) {
 		size_t i;
+		memcpy(next_iv, in, 16);
 		sm4_encrypt(key, in, out);
 		for (i = 0; i < 16; i++) {
 			out[i] ^= piv[i];
 		}
-		piv = in;
+		memcpy(piv, next_iv, 16);
 		in += 16;
 		out += 16;
 	}
--- a/src/sm4_ce.c
+++ b/src/sm4_ce.c
@@ -155,15 +155,18 @@ void sm4_cbc_encrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 void sm4_cbc_decrypt_blocks(const SM4_KEY *key, uint8_t iv[16],
 	const uint8_t *in, size_t nblocks, uint8_t *out)
 {
-	const uint8_t *piv = iv;
+	uint8_t piv[16];
+	uint8_t next_iv[16];

+	memcpy(piv, iv, 16);
 	while (nblocks--) {
 		size_t i;
+		memcpy(next_iv, in, 16);
 		sm4_encrypt(key, in, out);
 		for (i = 0; i < 16; i++) {
 			out[i] ^= piv[i];
 		}
-		piv = in;
+		memcpy(piv, next_iv, 16);
 		in += 16;
 		out += 16;
 	}