Use optimised counter increment in AES-CTR and CTR-DRBG

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Dave Rodgman 2024-01-13 16:42:38 +00:00
parent ae730348e9
commit 591ff05384
2 changed files with 7 additions and 17 deletions


@ -53,6 +53,7 @@
#endif #endif
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#include "ctr.h"
/* /*
* This is a convenience shorthand macro to check if we need reverse S-box and * This is a convenience shorthand macro to check if we need reverse S-box and
@ -1456,11 +1457,7 @@ int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
if (ret != 0) { if (ret != 0) {
goto exit; goto exit;
} }
for (int j = 16; j > 0; j--) { mbedtls_ctr_increment_counter(nonce_counter);
if (++nonce_counter[j - 1] != 0) {
break;
}
}
} else { } else {
n -= offset; n -= offset;
} }
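Review bot: The carry semantics of `mbedtls_ctr_increment_counter(nonce_counter)` are not visible in this diff (ctr.h is not part of it), while the loop it replaces carried across all 16 bytes of `nonce_counter` as a big-endian integer and wrapped to all-zeros; if the helper carries over fewer bytes, the keystream diverges from the previous implementation for any counter whose low bytes sit at 0xff. Worth confirming against ctr.h, and worth a test vector whose initial counter ends in 0xff bytes so the multi-byte carry path is exercised in both AES-CTR and CTR-DRBG. The call site would also benefit from the comment the `mbedtls_ctr_drbg_random_with_add` hunk now carries, `/* Increment the 128-bit big-endian counter, wrapping to zero. */`, since the `ctr_drbg_update_internal` hunk (`@ -346,11 +347,7 @@`) still has only the bare `Increase counter` comment. The enclosing `mbedtls_aes_crypt_ctr` starts and ends outside the hunk.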


@ -14,6 +14,7 @@
#if defined(MBEDTLS_CTR_DRBG_C) #if defined(MBEDTLS_CTR_DRBG_C)
#include "ctr.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
@ -333,7 +334,7 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx,
{ {
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = tmp; unsigned char *p = tmp;
int i, j; int j;
int ret = 0; int ret = 0;
#if !defined(MBEDTLS_AES_C) #if !defined(MBEDTLS_AES_C)
psa_status_t status; psa_status_t status;
@ -346,11 +347,7 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx,
/* /*
* Increase counter * Increase counter
*/ */
for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { mbedtls_ctr_increment_counter(ctx->counter);
if (++ctx->counter[i - 1] != 0) {
break;
}
}
/* /*
* Crypt counter block * Crypt counter block
@ -652,13 +649,9 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng,
while (output_len > 0) { while (output_len > 0) {
/* /*
* Increase counter * Increase counter (treat it as a 128-bit big-endian integer).
*/ */
for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { mbedtls_ctr_increment_counter(ctx->counter);
if (++ctx->counter[i - 1] != 0) {
break;
}
}
/* /*
* Crypt counter block * Crypt counter block