Re-order struct members

In order to memory-align the used buffers for keys, IVs etc. we re-order
the struct members of ciphers, modes and encauth.

There's no guarantee that this works, but it improves the chances.

Signed-off-by: Steffen Jaeckel <[email protected]>

src/headers/tomcrypt_cipher.h

@@ -35,10 +35,10 @@ struct saferp_key {
 
 #ifdef LTC_RIJNDAEL
 struct rijndael_key {
+   unsigned char K[(60 + 60 + 4) * sizeof(ulong32)];
    ulong32 *eK;
    ulong32 *dK;
    int Nr;
-   unsigned char K[(60 + 60 + 4) * sizeof(ulong32)];
 };
 #endif
 
@@ -129,24 +129,24 @@ struct khazad_key {
 
 #ifdef LTC_ANUBIS
 struct anubis_key {
-   int keyBits;
-   int R;
    ulong32 roundKeyEnc[18 + 1][4];
    ulong32 roundKeyDec[18 + 1][4];
+   int keyBits;
+   int R;
 };
 #endif
 
 #ifdef LTC_MULTI2
 struct multi2_key {
-    int N;
     ulong32 uk[8];
+    int N;
 };
 #endif
 
 #ifdef LTC_CAMELLIA
 struct camellia_key {
-    int R;
     ulong64 kw[4], k[24], kl[6];
+    int R;
 };
 #endif
 
@@ -247,60 +247,60 @@ typedef union Symmetric_key {
 #ifdef LTC_ECB_MODE
 /** A block cipher ECB structure */
 typedef struct {
+   /** The scheduled key */
+   symmetric_key       key;
    /** The index of the cipher chosen */
    int                 cipher,
    /** The block size of the given cipher */
                        blocklen;
-   /** The scheduled key */
-   symmetric_key       key;
 } symmetric_ECB;
 #endif
 
 #ifdef LTC_CFB_MODE
 /** A block cipher CFB structure */
 typedef struct {
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen,
-   /** The padding offset */
-                       padlen;
    /** The current IV */
    unsigned char       IV[MAXBLOCKSIZE],
    /** The pad used to encrypt/decrypt */
                        pad[MAXBLOCKSIZE];
    /** The scheduled key */
    symmetric_key       key;
+   /** The index of the cipher chosen */
+   int                 cipher,
+   /** The block size of the given cipher */
+                       blocklen,
+   /** The padding offset */
+                       padlen;
 } symmetric_CFB;
 #endif
 
 #ifdef LTC_OFB_MODE
 /** A block cipher OFB structure */
 typedef struct {
+   /** The current IV */
+   unsigned char       IV[MAXBLOCKSIZE];
+   /** The scheduled key */
+   symmetric_key       key;
    /** The index of the cipher chosen */
    int                 cipher,
    /** The block size of the given cipher */
                        blocklen,
    /** The padding offset */
                        padlen;
-   /** The current IV */
-   unsigned char       IV[MAXBLOCKSIZE];
-   /** The scheduled key */
-   symmetric_key       key;
 } symmetric_OFB;
 #endif
 
 #ifdef LTC_CBC_MODE
 /** A block cipher CBC structure */
 typedef struct {
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen;
    /** The current IV */
    unsigned char       IV[MAXBLOCKSIZE];
    /** The scheduled key */
    symmetric_key       key;
+   /** The index of the cipher chosen */
+   int                 cipher,
+   /** The block size of the given cipher */
+                       blocklen;
 } symmetric_CBC;
 #endif
 
@@ -308,6 +308,13 @@ typedef struct {
 #ifdef LTC_CTR_MODE
 /** A block cipher CTR structure */
 typedef struct {
+   /** The counter */
+   unsigned char       ctr[MAXBLOCKSIZE];
+   /** The pad used to encrypt/decrypt */
+   unsigned char       pad[MAXBLOCKSIZE];
+   /** The scheduled key */
+   symmetric_key       key;
+
    /** The index of the cipher chosen */
    int                 cipher,
    /** The block size of the given cipher */
@@ -318,13 +325,6 @@ typedef struct {
                        mode,
    /** counter width */
                        ctrlen;
-
-   /** The counter */
-   unsigned char       ctr[MAXBLOCKSIZE];
-   /** The pad used to encrypt/decrypt */
-   unsigned char       pad[MAXBLOCKSIZE] LTC_ALIGN(16);
-   /** The scheduled key */
-   symmetric_key       key;
 } symmetric_CTR;
 #endif
 
@@ -332,9 +332,6 @@ typedef struct {
 #ifdef LTC_LRW_MODE
 /** A LRW structure */
 typedef struct {
-    /** The index of the cipher chosen (must be a 128-bit block cipher) */
-    int               cipher;
-
     /** The current IV */
     unsigned char     IV[16],
 
@@ -351,25 +348,28 @@ typedef struct {
     /** The pre-computed multiplication table */
     unsigned char     PC[16][256][16];
 #endif
+
+    /** The index of the cipher chosen (must be a 128-bit block cipher) */
+    int               cipher;
 } symmetric_LRW;
 #endif
 
 #ifdef LTC_F8_MODE
 /** A block cipher F8 structure */
 typedef struct {
+   /** The current IV */
+   unsigned char       IV[MAXBLOCKSIZE],
+                       MIV[MAXBLOCKSIZE];
+   /** The scheduled key */
+   symmetric_key       key;
    /** The index of the cipher chosen */
    int                 cipher,
    /** The block size of the given cipher */
                        blocklen,
    /** The padding offset */
                        padlen;
-   /** The current IV */
-   unsigned char       IV[MAXBLOCKSIZE],
-                       MIV[MAXBLOCKSIZE];
    /** Current block count */
    ulong32             blockcnt;
-   /** The scheduled key */
-   symmetric_key       key;
 } symmetric_F8;
 #endif
 

src/headers/tomcrypt_mac.h

@@ -358,10 +358,10 @@ typedef struct {
    unsigned char     aSum_current[MAXBLOCKSIZE],    /* AAD related helper variable */
                      aOffset_current[MAXBLOCKSIZE], /* AAD related helper variable */
                      adata_buffer[MAXBLOCKSIZE];    /* AAD buffer */
-   int               adata_buffer_bytes;            /* bytes in AAD buffer */
-   unsigned long     ablock_index;                  /* index # for current adata (AAD) block */
 
    symmetric_key     key;                     /* scheduled key for cipher */
+   int               adata_buffer_bytes;            /* bytes in AAD buffer */
+   unsigned long     ablock_index;                  /* index # for current adata (AAD) block */
    unsigned long     block_index;             /* index # for current data block */
    int               cipher,                  /* cipher idx */
                      tag_len,                 /* length of tag */
@@ -407,7 +407,12 @@ int ocb3_test(void);
 #define CCM_DECRYPT LTC_DECRYPT
 
 typedef struct {
+   unsigned char       PAD[16],              /* flags | Nonce N | l(m) */
+                       ctr[16],
+                       CTRPAD[16];
+
    symmetric_key       K;
+
    int                 cipher,               /* which cipher */
                        taglen,               /* length of the tag (encoded in M value) */
                        x;                    /* index in PAD */
@@ -419,10 +424,7 @@ typedef struct {
                        current_aadlen,       /* length of the currently provided add */
                        noncelen;             /* length of the nonce */
 
-   unsigned char       PAD[16],              /* flags | Nonce N | l(m) */
-                       ctr[16],
-                       CTRPAD[16],
-                       CTRlen;
+   unsigned char       CTRlen;
 } ccm_state;
 
 int ccm_init(ccm_state *ccm, int cipher,
@@ -478,13 +480,18 @@ extern const unsigned char gcm_shift_table[];
 #define LTC_GCM_MODE_TEXT  2
 
 typedef struct {
-   symmetric_key       K;
    unsigned char       H[16],        /* multiplier */
                        X[16],        /* accumulator */
                        Y[16],        /* counter */
                        Y_0[16],      /* initial counter */
                        buf[16];      /* buffer for stuff */
 
+#ifdef LTC_GCM_TABLES
+   unsigned char       PC[16][256][16];  /* 16 tables of 8x128 */
+#endif
+
+   symmetric_key       K;
+
    int                 cipher,       /* which cipher */
                        ivmode,       /* Which mode is the IV in? */
                        mode,         /* mode the GCM code is in */
@@ -492,14 +499,6 @@ typedef struct {
 
    ulong64             totlen,       /* 64-bit counter used for IV and AAD */
                        pttotlen;     /* 64-bit counter for the PT */
-
-#ifdef LTC_GCM_TABLES
-   unsigned char       PC[16][256][16]  /* 16 tables of 8x128 */
-#ifdef LTC_GCM_TABLES_SSE2
-LTC_ALIGN(16)
-#endif
-;
-#endif
 } gcm_state;
 
 void gcm_mult_h(const gcm_state *gcm, unsigned char *I);