yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use mbedtls_xor in GCM

Browse source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2022-11-22 16:53:25 +00:00
parent 2e9db8e9bf
commit d22fb73e3e
1 changed files with 14 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
library/gcm.c
View file

@ -235,7 +235,6 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char work_buf[16];
size_t i;
const unsigned char *p;
size_t use_len, olen = 0;
uint64_t iv_bits;
@ -268,8 +267,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
{
use_len = ( iv_len < 16 ) ? iv_len : 16;
for( i = 0; i < use_len; i++ )
ctx->y[i] ^= p[i];
mbedtls_xor( ctx->y, ctx->y, p, use_len );
gcm_mult( ctx, ctx->y, ctx->y );
@ -277,8 +275,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
p += use_len;
}
for( i = 0; i < 16; i++ )
ctx->y[i] ^= work_buf[i];
mbedtls_xor( ctx->y, ctx->y, work_buf, 16);
gcm_mult( ctx, ctx->y, ctx->y );
}
@ -313,7 +310,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
const unsigned char *add, size_t add_len )
{
const unsigned char *p;
size_t use_len, i, offset;
size_t use_len, offset;
/* IV is limited to 2^64 bits, so 2^61 bytes */
if( (uint64_t) add_len >> 61 != 0 )
@ -328,8 +325,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
if( use_len > add_len )
use_len = add_len;
for( i = 0; i < use_len; i++ )
ctx->buf[i+offset] ^= p[i];
mbedtls_xor( ctx->buf + offset, ctx->buf + offset, p, use_len );
if( offset + use_len == 16 )
gcm_mult( ctx, ctx->buf, ctx->buf );
@ -343,8 +339,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
while( add_len >= 16 )
{
for( i = 0; i < 16; i++ )
ctx->buf[i] ^= p[i];
mbedtls_xor( ctx->buf, ctx->buf, p, 16 );
gcm_mult( ctx, ctx->buf, ctx->buf );
@ -354,8 +349,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
if( add_len > 0 )
{
for( i = 0; i < add_len; i++ )
ctx->buf[i] ^= p[i];
mbedtls_xor( ctx->buf, ctx->buf, p, add_len );
}
return( 0 );
@ -378,7 +372,6 @@ static int gcm_mask( mbedtls_gcm_context *ctx,
const unsigned char *input,
unsigned char *output )
{
size_t i;
size_t olen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -389,14 +382,12 @@ static int gcm_mask( mbedtls_gcm_context *ctx,
return( ret );
}
for( i = 0; i < use_len; i++ )
{
if( ctx->mode == MBEDTLS_GCM_DECRYPT )
ctx->buf[offset + i] ^= input[i];
output[i] = ectr[offset + i] ^ input[i];
if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
ctx->buf[offset + i] ^= output[i];
}
if( ctx->mode == MBEDTLS_GCM_DECRYPT )
mbedtls_xor( ctx->buf + offset, ctx->buf + offset, input, use_len );
mbedtls_xor( output, ectr + offset, input, use_len );
if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
mbedtls_xor( ctx->buf + offset, ctx->buf + offset, output, use_len );
return( 0 );
}
@ -489,7 +480,6 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag, size_t tag_len )
{
unsigned char work_buf[16];
size_t i;
uint64_t orig_len;
uint64_t orig_add_len;
@ -524,13 +514,11 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
for( i = 0; i < 16; i++ )
ctx->buf[i] ^= work_buf[i];
mbedtls_xor( ctx->buf, ctx->buf, work_buf, 16 );
gcm_mult( ctx, ctx->buf, ctx->buf );
for( i = 0; i < tag_len; i++ )
tag[i] ^= ctx->buf[i];
mbedtls_xor( tag, tag, ctx->buf, tag_len );
}
return( 0 );