Use mbedtls_xor in GCM

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Dave Rodgman 2022-11-22 16:53:25 +00:00
parent 2e9db8e9bf
commit d22fb73e3e


@ -235,7 +235,6 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char work_buf[16]; unsigned char work_buf[16];
size_t i;
const unsigned char *p; const unsigned char *p;
size_t use_len, olen = 0; size_t use_len, olen = 0;
uint64_t iv_bits; uint64_t iv_bits;
@ -268,8 +267,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
{ {
use_len = ( iv_len < 16 ) ? iv_len : 16; use_len = ( iv_len < 16 ) ? iv_len : 16;
for( i = 0; i < use_len; i++ ) mbedtls_xor( ctx->y, ctx->y, p, use_len );
ctx->y[i] ^= p[i];
gcm_mult( ctx, ctx->y, ctx->y ); gcm_mult( ctx, ctx->y, ctx->y );
@ -277,8 +275,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
p += use_len; p += use_len;
} }
for( i = 0; i < 16; i++ ) mbedtls_xor( ctx->y, ctx->y, work_buf, 16);
ctx->y[i] ^= work_buf[i];
gcm_mult( ctx, ctx->y, ctx->y ); gcm_mult( ctx, ctx->y, ctx->y );
} }
@ -313,7 +310,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
const unsigned char *add, size_t add_len ) const unsigned char *add, size_t add_len )
{ {
const unsigned char *p; const unsigned char *p;
size_t use_len, i, offset; size_t use_len, offset;
/* IV is limited to 2^64 bits, so 2^61 bytes */ /* IV is limited to 2^64 bits, so 2^61 bytes */
if( (uint64_t) add_len >> 61 != 0 ) if( (uint64_t) add_len >> 61 != 0 )
@ -328,8 +325,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
if( use_len > add_len ) if( use_len > add_len )
use_len = add_len; use_len = add_len;
for( i = 0; i < use_len; i++ ) mbedtls_xor( ctx->buf + offset, ctx->buf + offset, p, use_len );
ctx->buf[i+offset] ^= p[i];
if( offset + use_len == 16 ) if( offset + use_len == 16 )
gcm_mult( ctx, ctx->buf, ctx->buf ); gcm_mult( ctx, ctx->buf, ctx->buf );
@ -343,8 +339,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
while( add_len >= 16 ) while( add_len >= 16 )
{ {
for( i = 0; i < 16; i++ ) mbedtls_xor( ctx->buf, ctx->buf, p, 16 );
ctx->buf[i] ^= p[i];
gcm_mult( ctx, ctx->buf, ctx->buf ); gcm_mult( ctx, ctx->buf, ctx->buf );
@ -354,8 +349,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
if( add_len > 0 ) if( add_len > 0 )
{ {
for( i = 0; i < add_len; i++ ) mbedtls_xor( ctx->buf, ctx->buf, p, add_len );
ctx->buf[i] ^= p[i];
} }
return( 0 ); return( 0 );
@ -378,7 +372,6 @@ static int gcm_mask( mbedtls_gcm_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
size_t i;
size_t olen = 0; size_t olen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -389,14 +382,12 @@ static int gcm_mask( mbedtls_gcm_context *ctx,
return( ret ); return( ret );
} }
for( i = 0; i < use_len; i++ )
{
if( ctx->mode == MBEDTLS_GCM_DECRYPT ) if( ctx->mode == MBEDTLS_GCM_DECRYPT )
ctx->buf[offset + i] ^= input[i]; mbedtls_xor( ctx->buf + offset, ctx->buf + offset, input, use_len );
output[i] = ectr[offset + i] ^ input[i]; mbedtls_xor( output, ectr + offset, input, use_len );
if( ctx->mode == MBEDTLS_GCM_ENCRYPT ) if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
ctx->buf[offset + i] ^= output[i]; mbedtls_xor( ctx->buf + offset, ctx->buf + offset, output, use_len );
}
return( 0 ); return( 0 );
} }
@ -489,7 +480,6 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len )
{ {
unsigned char work_buf[16]; unsigned char work_buf[16];
size_t i;
uint64_t orig_len; uint64_t orig_len;
uint64_t orig_add_len; uint64_t orig_add_len;
@ -524,13 +514,11 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
for( i = 0; i < 16; i++ ) mbedtls_xor( ctx->buf, ctx->buf, work_buf, 16 );
ctx->buf[i] ^= work_buf[i];
gcm_mult( ctx, ctx->buf, ctx->buf ); gcm_mult( ctx, ctx->buf, ctx->buf );
for( i = 0; i < tag_len; i++ ) mbedtls_xor( tag, tag, ctx->buf, tag_len );
tag[i] ^= ctx->buf[i];
} }
return( 0 ); return( 0 );
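Review bot: Every new call in this section passes an aliasing output buffer (`r == a`, e.g. `mbedtls_xor( ctx->y, ctx->y, p, use_len )`), and in gcm_mask the call `mbedtls_xor( output, ectr + offset, input, use_len )` additionally aliases `r == b` whenever a caller encrypts or decrypts in place, so the rewrite is only equivalent to the removed byte loops if mbedtls_xor guarantees that exact aliasing of the output with either operand is safe; the hunk does not say so and the declaration of mbedtls_xor is not visible here, so please confirm that contract (an implementation that loads both operands of a word before storing is fine, one that stores part of a word early is not). A short comment at the first in-place call in mbedtls_gcm_starts would make the dependency explicit, e.g. `/* in-place XOR: relies on mbedtls_xor allowing r == a (and r == b, see gcm_mask) */`. Minor style point: `mbedtls_xor( ctx->y, ctx->y, work_buf, 16);` in the third hunk of mbedtls_gcm_starts lacks the space before `)` that the surrounding code and the other new calls use. All of the touched functions (mbedtls_gcm_starts, mbedtls_gcm_update_ad, gcm_mask, mbedtls_gcm_finish) begin and end outside the shown hunks.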