Use mbedtls_xor in GCM
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
parent
2e9db8e9bf
commit
d22fb73e3e
1 changed files with 14 additions and 26 deletions
|
@ -235,7 +235,6 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
unsigned char work_buf[16];
|
unsigned char work_buf[16];
|
||||||
size_t i;
|
|
||||||
const unsigned char *p;
|
const unsigned char *p;
|
||||||
size_t use_len, olen = 0;
|
size_t use_len, olen = 0;
|
||||||
uint64_t iv_bits;
|
uint64_t iv_bits;
|
||||||
|
@ -268,8 +267,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
|
||||||
{
|
{
|
||||||
use_len = ( iv_len < 16 ) ? iv_len : 16;
|
use_len = ( iv_len < 16 ) ? iv_len : 16;
|
||||||
|
|
||||||
for( i = 0; i < use_len; i++ )
|
mbedtls_xor( ctx->y, ctx->y, p, use_len );
|
||||||
ctx->y[i] ^= p[i];
|
|
||||||
|
|
||||||
gcm_mult( ctx, ctx->y, ctx->y );
|
gcm_mult( ctx, ctx->y, ctx->y );
|
||||||
|
|
||||||
|
@ -277,8 +275,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
|
||||||
p += use_len;
|
p += use_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
for( i = 0; i < 16; i++ )
|
mbedtls_xor( ctx->y, ctx->y, work_buf, 16);
|
||||||
ctx->y[i] ^= work_buf[i];
|
|
||||||
|
|
||||||
gcm_mult( ctx, ctx->y, ctx->y );
|
gcm_mult( ctx, ctx->y, ctx->y );
|
||||||
}
|
}
|
||||||
|
@ -313,7 +310,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
|
||||||
const unsigned char *add, size_t add_len )
|
const unsigned char *add, size_t add_len )
|
||||||
{
|
{
|
||||||
const unsigned char *p;
|
const unsigned char *p;
|
||||||
size_t use_len, i, offset;
|
size_t use_len, offset;
|
||||||
|
|
||||||
/* IV is limited to 2^64 bits, so 2^61 bytes */
|
/* IV is limited to 2^64 bits, so 2^61 bytes */
|
||||||
if( (uint64_t) add_len >> 61 != 0 )
|
if( (uint64_t) add_len >> 61 != 0 )
|
||||||
|
@ -328,8 +325,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
|
||||||
if( use_len > add_len )
|
if( use_len > add_len )
|
||||||
use_len = add_len;
|
use_len = add_len;
|
||||||
|
|
||||||
for( i = 0; i < use_len; i++ )
|
mbedtls_xor( ctx->buf + offset, ctx->buf + offset, p, use_len );
|
||||||
ctx->buf[i+offset] ^= p[i];
|
|
||||||
|
|
||||||
if( offset + use_len == 16 )
|
if( offset + use_len == 16 )
|
||||||
gcm_mult( ctx, ctx->buf, ctx->buf );
|
gcm_mult( ctx, ctx->buf, ctx->buf );
|
||||||
|
@ -343,8 +339,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
|
||||||
|
|
||||||
while( add_len >= 16 )
|
while( add_len >= 16 )
|
||||||
{
|
{
|
||||||
for( i = 0; i < 16; i++ )
|
mbedtls_xor( ctx->buf, ctx->buf, p, 16 );
|
||||||
ctx->buf[i] ^= p[i];
|
|
||||||
|
|
||||||
gcm_mult( ctx, ctx->buf, ctx->buf );
|
gcm_mult( ctx, ctx->buf, ctx->buf );
|
||||||
|
|
||||||
|
@ -354,8 +349,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
|
||||||
|
|
||||||
if( add_len > 0 )
|
if( add_len > 0 )
|
||||||
{
|
{
|
||||||
for( i = 0; i < add_len; i++ )
|
mbedtls_xor( ctx->buf, ctx->buf, p, add_len );
|
||||||
ctx->buf[i] ^= p[i];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
@ -378,7 +372,6 @@ static int gcm_mask( mbedtls_gcm_context *ctx,
|
||||||
const unsigned char *input,
|
const unsigned char *input,
|
||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
size_t i;
|
|
||||||
size_t olen = 0;
|
size_t olen = 0;
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
|
@ -389,14 +382,12 @@ static int gcm_mask( mbedtls_gcm_context *ctx,
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
for( i = 0; i < use_len; i++ )
|
|
||||||
{
|
|
||||||
if( ctx->mode == MBEDTLS_GCM_DECRYPT )
|
if( ctx->mode == MBEDTLS_GCM_DECRYPT )
|
||||||
ctx->buf[offset + i] ^= input[i];
|
mbedtls_xor( ctx->buf + offset, ctx->buf + offset, input, use_len );
|
||||||
output[i] = ectr[offset + i] ^ input[i];
|
mbedtls_xor( output, ectr + offset, input, use_len );
|
||||||
if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
|
if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
|
||||||
ctx->buf[offset + i] ^= output[i];
|
mbedtls_xor( ctx->buf + offset, ctx->buf + offset, output, use_len );
|
||||||
}
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -489,7 +480,6 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
|
||||||
unsigned char *tag, size_t tag_len )
|
unsigned char *tag, size_t tag_len )
|
||||||
{
|
{
|
||||||
unsigned char work_buf[16];
|
unsigned char work_buf[16];
|
||||||
size_t i;
|
|
||||||
uint64_t orig_len;
|
uint64_t orig_len;
|
||||||
uint64_t orig_add_len;
|
uint64_t orig_add_len;
|
||||||
|
|
||||||
|
@ -524,13 +514,11 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
|
||||||
MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
|
MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
|
||||||
MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
|
MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
|
||||||
|
|
||||||
for( i = 0; i < 16; i++ )
|
mbedtls_xor( ctx->buf, ctx->buf, work_buf, 16 );
|
||||||
ctx->buf[i] ^= work_buf[i];
|
|
||||||
|
|
||||||
gcm_mult( ctx, ctx->buf, ctx->buf );
|
gcm_mult( ctx, ctx->buf, ctx->buf );
|
||||||
|
|
||||||
for( i = 0; i < tag_len; i++ )
|
mbedtls_xor( tag, tag, ctx->buf, tag_len );
|
||||||
tag[i] ^= ctx->buf[i];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
Loading…
Reference in a new issue