Reduce code size in ccm

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 19:54:41 +01:00 · 2023-08-16 19:54:41 +01:00 · f4efd19dd0
commit f4efd19dd0
parent 2aaf888e0b
2 changed files with 5 additions and 7 deletions
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@ -77,7 +77,8 @@ extern "C" {
 typedef struct mbedtls_ccm_context {
    unsigned char MBEDTLS_PRIVATE(y)[16];    /*!< The Y working buffer */
    unsigned char MBEDTLS_PRIVATE(ctr)[16];  /*!< The counter buffer */
-    mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx);    /*!< The cipher context used. */
+    int MBEDTLS_PRIVATE(state);              /*!< Working value holding context's
+                                                  state. Used for chunked data input */
    size_t MBEDTLS_PRIVATE(plaintext_len);   /*!< Total plaintext length */
    size_t MBEDTLS_PRIVATE(add_len);         /*!< Total authentication data length */
    size_t MBEDTLS_PRIVATE(tag_len);         /*!< Total tag length */
@ -87,15 +88,13 @@ typedef struct mbedtls_ccm_context {
                                                  and plaintext/ciphertext.
                                                  This variable is set to zero after
                                                  auth data input is finished. */
-    unsigned char MBEDTLS_PRIVATE(q);        /*!< The Q working value */
-    unsigned char MBEDTLS_PRIVATE(mode);     /*!< The operation to perform:
+    unsigned int MBEDTLS_PRIVATE(q);         /*!< The Q working value */
+    unsigned int MBEDTLS_PRIVATE(mode);      /*!< The operation to perform:
                                              #MBEDTLS_CCM_ENCRYPT or
                                              #MBEDTLS_CCM_DECRYPT or
                                              #MBEDTLS_CCM_STAR_ENCRYPT or
                                              #MBEDTLS_CCM_STAR_DECRYPT. */
-    int MBEDTLS_PRIVATE(state);              /*!< Working value holding context's
-                                                  state. Used for chunked data
-                                                  input */
+    mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx);    /*!< The cipher context used. */
 }
 mbedtls_ccm_context;

--- a/library/ccm.c
+++ b/library/ccm.c
@ -400,7 +400,6 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
            mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len);

            memcpy(output, local_output, use_len);
-            mbedtls_platform_zeroize(local_output, 16);

            if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
                if ((ret =