Compile with -std=c99 and restructure some code to ensure there is no invalid aliasing (hopefully)

5 files changed, 53 insertions, 49 deletions

diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
index 0b3b049..82887cf 100644
--- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
+++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
@@ -60,7 +60,7 @@ static fastd_protocol_config_t* protocol_init(fastd_context_t *ctx) {
 
 	ecc_25519_work_t work;
 	ecc_25519_scalarmult_base(&work, &protocol_config->key.secret);
-	ecc_25519_store_packed(&protocol_config->key.public, &work);
+	ecc_25519_store_packed(&protocol_config->key.public.int256, &work);
 
 	return protocol_config;
 }
@@ -75,7 +75,7 @@ static void protocol_peer_configure(fastd_context_t *ctx, fastd_peer_config_t *p
 	}
 
 	aligned_int256_t key;
-	if (!read_key(key.p, peer_conf->key)) {
+	if (!read_key(key.u8, peer_conf->key)) {
 		pr_warn(ctx, "invalid key configured for `%s', disabling peer", peer_conf->name);
 		return;
 	}
@@ -83,7 +83,7 @@ static void protocol_peer_configure(fastd_context_t *ctx, fastd_peer_config_t *p
 	peer_conf->protocol_config = malloc(sizeof(fastd_protocol_peer_config_t));
 	peer_conf->protocol_config->public_key = key;
 
-	if (memcmp(peer_conf->protocol_config->public_key.p, ctx->conf->protocol_config->key.public.p, 32) == 0)
+	if (memcmp(&peer_conf->protocol_config->public_key, &ctx->conf->protocol_config->key.public, 32) == 0)
 		pr_debug(ctx, "found own key as `%s', ignoring peer", peer_conf->name);
 }
 
diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
index 01903c8..608276f 100644
--- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
+++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
@@ -34,7 +34,11 @@
 #include <libuecc/ecc.h>
 
 
-typedef ecc_int256_t __attribute__((aligned(4))) aligned_int256_t;
+typedef union aligned_int256 {
+	ecc_int256_t int256;
+	uint32_t u32[8];
+	uint8_t u8[32];
+} aligned_int256_t;
 
 typedef struct keypair {
 	ecc_int256_t secret;
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index 182abca..5606463 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -56,14 +56,14 @@ static void derive_key(fastd_sha256_t *out, size_t blocks, const uint32_t *salt,
 	size_t methodlen = strlen(method_name);
 	uint8_t info[4*PUBLICKEYBYTES + methodlen];
 
-	memcpy(info, A->p, PUBLICKEYBYTES);
-	memcpy(info+PUBLICKEYBYTES, B->p, PUBLICKEYBYTES);
-	memcpy(info+2*PUBLICKEYBYTES, X->p, PUBLICKEYBYTES);
-	memcpy(info+3*PUBLICKEYBYTES, Y->p, PUBLICKEYBYTES);
+	memcpy(info, A, PUBLICKEYBYTES);
+	memcpy(info+PUBLICKEYBYTES, B, PUBLICKEYBYTES);
+	memcpy(info+2*PUBLICKEYBYTES, X, PUBLICKEYBYTES);
+	memcpy(info+3*PUBLICKEYBYTES, Y, PUBLICKEYBYTES);
 	memcpy(info+4*PUBLICKEYBYTES, method_name, methodlen);
 
 	fastd_sha256_t prk;
-	fastd_hkdf_sha256_extract(&prk, salt, (const uint32_t*)sigma->p, PUBLICKEYBYTES);
+	fastd_hkdf_sha256_extract(&prk, salt, sigma->u32, PUBLICKEYBYTES);
 
 	fastd_hkdf_sha256_expand(out, blocks, &prk, info, sizeof(info));
 }
@@ -106,7 +106,7 @@ static inline void new_session(fastd_context_t *ctx, fastd_peer_t *peer, const c
 	}
 	else {
 		fastd_sha256_t hash;
-		fastd_sha256_blocks(&hash, X->p, Y->p, A->p, B->p, sigma->p, NULL);
+		fastd_sha256_blocks(&hash, X->u32, Y->u32, A->u32, B->u32, sigma->u32, NULL);
 		peer->protocol_state->session.method_state = method->session_init_compat(ctx, method_name, hash.b, HASHBYTES, initiator);
 	}
 
@@ -175,18 +175,18 @@ static bool make_shared_handshake_key(fastd_context_t *ctx, const ecc_int256_t *
 
 	ecc_25519_work_t work, workXY;
 
-	if (!ecc_25519_load_packed(&workXY, initiator ? Y : X))
+	if (!ecc_25519_load_packed(&workXY, initiator ? &Y->int256 : &X->int256))
 		return false;
 
 	ecc_25519_scalarmult(&work, &ecc_25519_gf_order, &workXY);
 	if (!ecc_25519_is_identity(&work))
 		return false;
 
-	if (!ecc_25519_load_packed(&work, initiator ? B : A))
+	if (!ecc_25519_load_packed(&work, initiator ? &B->int256 : &A->int256))
 		return false;
 
 	fastd_sha256_t hashbuf;
-	fastd_sha256_blocks(&hashbuf, Y->p, X->p, B->p, A->p, NULL);
+	fastd_sha256_blocks(&hashbuf, Y->u32, X->u32, B->u32, A->u32, NULL);
 
 	ecc_int256_t d = {{0}}, e = {{0}}, s;
 
@@ -217,13 +217,13 @@ static bool make_shared_handshake_key(fastd_context_t *ctx, const ecc_int256_t *
 	if (ecc_25519_is_identity(&work))
 		return false;
 
-	ecc_25519_store_packed(sigma, &work);
+	ecc_25519_store_packed(&sigma->int256, &work);
 
 	if (shared_handshake_key)
 		derive_key(shared_handshake_key, 1, zero_salt, "", A, B, X, Y, sigma);
 
 	if (shared_handshake_key_compat)
-		fastd_sha256_blocks(shared_handshake_key_compat, Y->p, X->p, B->p, A->p, sigma->p, NULL);
+		fastd_sha256_blocks(shared_handshake_key_compat, Y->u32, X->u32, B->u32, A->u32, sigma->u32, NULL);
 
 	return true;
 }
@@ -270,15 +270,15 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
 
 	fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, true, 4*(4+PUBLICKEYBYTES) + 2*(4+HASHBYTES));
 
-	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->key.public.p);
-	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p);
-	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->key.public.p);
-	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p);
+	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, &ctx->conf->protocol_config->key.public);
+	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, &peer->protocol_config->public_key);
+	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, &handshake_key->key.public);
+	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key);
 
 	fastd_sha256_t hmacbuf;
 
 	if (!ctx->conf->secure_handshakes) {
-		fastd_hmacsha256_blocks(&hmacbuf, peer->protocol_state->shared_handshake_key_compat.w, ctx->conf->protocol_config->key.public.p, handshake_key->key.public.p, NULL);
+		fastd_hmacsha256_blocks(&hmacbuf, peer->protocol_state->shared_handshake_key_compat.w, ctx->conf->protocol_config->key.public.u32, handshake_key->key.public.u32, NULL);
 		fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b);
 	}
 
@@ -316,7 +316,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
 		valid = fastd_hmacsha256_verify(mac, shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
 	}
 	else {
-		valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL);
+		valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->protocol_config->public_key.u32, peer_handshake_key->u32, NULL);
 	}
 
 	if (!valid) {
@@ -330,10 +330,10 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
 
 	fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, false, 4*(4+PUBLICKEYBYTES) + 2*(4+HASHBYTES));
 
-	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->key.public.p);
-	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p);
-	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->key.public.p);
-	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p);
+	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, &ctx->conf->protocol_config->key.public);
+	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, &peer->protocol_config->public_key);
+	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, &handshake_key->key.public);
+	fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key);
 
 	if (!compat) {
 		fastd_sha256_t hmacbuf;
@@ -343,7 +343,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
 	}
 	else {
 		fastd_sha256_t hmacbuf;
-		fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key_compat.w, ctx->conf->protocol_config->key.public.p, handshake_key->key.public.p, NULL);
+		fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key_compat.w, ctx->conf->protocol_config->key.public.u32, handshake_key->key.public.u32, NULL);
 		fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b);
 	}
 
@@ -369,7 +369,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
 		valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
 	}
 	else {
-		valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL);
+		valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->protocol_config->public_key.u32, peer_handshake_key->u32, NULL);
 	}
 
 	if (!valid) {
@@ -389,7 +389,7 @@ static fastd_peer_t* find_sender_key(fastd_context_t *ctx, const fastd_peer_addr
 	fastd_peer_t *ret = NULL, *peer;
 
 	for (peer = peers; peer; peer = peer->next) {
-		if (memcmp(peer->protocol_config->public_key.p, key, PUBLICKEYBYTES) == 0) {
+		if (memcmp(&peer->protocol_config->public_key, key, PUBLICKEYBYTES) == 0) {
 			if (!fastd_peer_matches_address(ctx, peer, address)) {
 				errno = EPERM;
 				return NULL;
@@ -418,7 +418,7 @@ static fastd_peer_t* match_sender_key(fastd_context_t *ctx, const fastd_socket_t
 		exit_bug(ctx, "packet without correct peer set on dynamic socket");
 
 	if (peer) {
-		if (memcmp(peer->protocol_config->public_key.p, key, PUBLICKEYBYTES) == 0)
+		if (memcmp(&peer->protocol_config->public_key, key, PUBLICKEYBYTES) == 0)
 			return peer;
 
 		if (fastd_peer_owns_address(ctx, peer, address)) {
@@ -443,7 +443,7 @@ static size_t key_count(fastd_context_t *ctx, const unsigned char key[32]) {
 		if (!p->protocol_config)
 			continue;
 
-		if (memcmp(p->protocol_config->public_key.p, key, 32) == 0)
+		if (memcmp(&p->protocol_config->public_key, key, 32) == 0)
 			ret++;
 	}
 
@@ -454,12 +454,12 @@ bool fastd_protocol_ec25519_fhmqvc_peer_check(fastd_context_t *ctx, fastd_peer_c
 	if (!peer_conf->protocol_config)
 		return false;
 
-	if (memcmp(peer_conf->protocol_config->public_key.p, ctx->conf->protocol_config->key.public.p, 32) == 0)
+	if (memcmp(&peer_conf->protocol_config->public_key, &ctx->conf->protocol_config->key.public, 32) == 0)
 		return false;
 
-	if (key_count(ctx, peer_conf->protocol_config->public_key.p) > 1) {
+	if (key_count(ctx, peer_conf->protocol_config->public_key.u8) > 1) {
 		char buf[65];
-		hexdump(buf, peer_conf->protocol_config->public_key.p);
+		hexdump(buf, peer_conf->protocol_config->public_key.u8);
 		pr_warn(ctx, "more than one peer is configured with key %s, disabling %s", buf, peer_conf->name);
 		return false;
 	}
@@ -468,9 +468,9 @@ bool fastd_protocol_ec25519_fhmqvc_peer_check(fastd_context_t *ctx, fastd_peer_c
 }
 
 bool fastd_protocol_ec25519_fhmqvc_peer_check_temporary(fastd_context_t *ctx, fastd_peer_t *peer) {
-	if (key_count(ctx, peer->protocol_config->public_key.p)) {
+	if (key_count(ctx, peer->protocol_config->public_key.u8)) {
 		char buf[65];
-		hexdump(buf, peer->protocol_config->public_key.p);
+		hexdump(buf, peer->protocol_config->public_key.u8);
 		pr_info(ctx, "key %s is configured now, deleting temporary peer.", buf);
 		return false;
 	}
@@ -492,7 +492,7 @@ static inline fastd_peer_t* add_temporary(fastd_context_t *ctx, const fastd_peer
 	fastd_peer_t *peer = fastd_peer_add_temporary(ctx);
 
 	peer->protocol_config = malloc(sizeof(fastd_protocol_peer_config_t));
-	memcpy(peer->protocol_config->public_key.p, key, PUBLICKEYBYTES);
+	memcpy(&peer->protocol_config->public_key, key, PUBLICKEYBYTES);
 
 	/* Ugly hack */
 	peer->protocol_state->last_serial--;
@@ -517,14 +517,14 @@ void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_context_t *ctx, const fa
 
 	fastd_buffer_t buffer = fastd_handshake_new_init(ctx, 3*(4+PUBLICKEYBYTES) /* sender key, receipient key, handshake key */);
 
-	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->key.public.p);
+	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, &ctx->conf->protocol_config->key.public);
 
 	if (peer)
-		fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p);
+		fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, &peer->protocol_config->public_key);
 	else
 		pr_debug(ctx, "sending handshake to unknown peer %I", remote_addr);
 
-	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, ctx->protocol_state->handshake_key.key.public.p);
+	fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, &ctx->protocol_state->handshake_key.key.public);
 
 	fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer);
 }
@@ -578,7 +578,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_
 	}
 
 	if (has_field(handshake, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES)) {
-		if (memcmp(ctx->conf->protocol_config->key.public.p, handshake->records[RECORD_RECEIPIENT_KEY].data, PUBLICKEYBYTES) != 0) {
+		if (memcmp(&ctx->conf->protocol_config->key.public, handshake->records[RECORD_RECEIPIENT_KEY].data, PUBLICKEYBYTES) != 0) {
 			pr_debug(ctx, "received protocol handshake with wrong receipient key from %P[%I]", peer, remote_addr);
 			return;
 		}
@@ -590,7 +590,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_
 	}
 
 	aligned_int256_t peer_handshake_key;
-	memcpy(peer_handshake_key.p, handshake->records[RECORD_SENDER_HANDSHAKE_KEY].data, PUBLICKEYBYTES);
+	memcpy(&peer_handshake_key, handshake->records[RECORD_SENDER_HANDSHAKE_KEY].data, PUBLICKEYBYTES);
 
 	if (handshake->type == 1) {
 		if (timespec_diff(&ctx->now, &peer->last_handshake_response) < (int)ctx->conf->min_handshake_interval*1000
@@ -626,11 +626,11 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_
 
 	handshake_key_t *handshake_key;
 	if (is_handshake_key_valid(ctx, &ctx->protocol_state->handshake_key) &&
-	    memcmp(&ctx->protocol_state->handshake_key.key.public.p, handshake->records[RECORD_RECEIPIENT_HANDSHAKE_KEY].data, PUBLICKEYBYTES) == 0) {
+	    memcmp(&ctx->protocol_state->handshake_key.key.public, handshake->records[RECORD_RECEIPIENT_HANDSHAKE_KEY].data, PUBLICKEYBYTES) == 0) {
 		handshake_key = &ctx->protocol_state->handshake_key;
 	}
 	else if (is_handshake_key_valid(ctx, &ctx->protocol_state->prev_handshake_key) &&
-		 memcmp(&ctx->protocol_state->prev_handshake_key.key.public.p, handshake->records[RECORD_RECEIPIENT_HANDSHAKE_KEY].data, PUBLICKEYBYTES) == 0) {
+		 memcmp(&ctx->protocol_state->prev_handshake_key.key.public, handshake->records[RECORD_RECEIPIENT_HANDSHAKE_KEY].data, PUBLICKEYBYTES) == 0) {
 		handshake_key = &ctx->protocol_state->prev_handshake_key;
 	}
 	else {
diff --git a/src/protocols/ec25519_fhmqvc/state.c b/src/protocols/ec25519_fhmqvc/state.c
index 3affc44..727763a 100644
--- a/src/protocols/ec25519_fhmqvc/state.c
+++ b/src/protocols/ec25519_fhmqvc/state.c
@@ -42,7 +42,7 @@ static void new_handshake_key(fastd_context_t *ctx, keypair_t *key) {
 
 		ecc_25519_work_t work;
 		ecc_25519_scalarmult_base(&work, &key->secret);
-		ecc_25519_store_packed(&key->public, &work);
+		ecc_25519_store_packed(&key->public.int256, &work);
 }
 
 void fastd_protocol_ec25519_fhmqvc_maintenance(fastd_context_t *ctx) {
diff --git a/src/protocols/ec25519_fhmqvc/util.c b/src/protocols/ec25519_fhmqvc/util.c
index 07f4724..e653f7f 100644
--- a/src/protocols/ec25519_fhmqvc/util.c
+++ b/src/protocols/ec25519_fhmqvc/util.c
@@ -59,19 +59,19 @@ void fastd_protocol_ec25519_fhmqvc_generate_key(fastd_context_t *ctx) {
 
 void fastd_protocol_ec25519_fhmqvc_show_key(fastd_context_t *ctx) {
 	if (ctx->conf->machine_readable)
-		print_hexdump("", ctx->conf->protocol_config->key.public.p);
+		print_hexdump("", ctx->conf->protocol_config->key.public.u8);
 	else
-		print_hexdump("Public: ", ctx->conf->protocol_config->key.public.p);
+		print_hexdump("Public: ", ctx->conf->protocol_config->key.public.u8);
 }
 
 void fastd_protocol_ec25519_fhmqvc_set_shell_env(fastd_context_t *ctx, const fastd_peer_t *peer) {
 	char buf[65];
 
-	hexdump(buf, ctx->conf->protocol_config->key.public.p);
+	hexdump(buf, ctx->conf->protocol_config->key.public.u8);
 	setenv("LOCAL_KEY", buf, 1);
 
 	if (peer && peer->protocol_config) {
-		hexdump(buf, peer->protocol_config->public_key.p);
+		hexdump(buf, peer->protocol_config->public_key.u8);
 		setenv("PEER_KEY", buf, 1);
 	}
 	else {
@@ -83,7 +83,7 @@ bool fastd_protocol_ec25519_fhmqvc_describe_peer(const fastd_context_t *ctx UNUS
 	if (peer && peer->protocol_config) {
 		char dumpbuf[65];
 
-		hexdump(dumpbuf, peer->protocol_config->public_key.p);
+		hexdump(dumpbuf, peer->protocol_config->public_key.u8);
 		snprintf(buf, len, "%.16s", dumpbuf);
 		return true;
 	}