Diffstat (limited to 'src/crypto/modes/gcm.c')
-rw-r--r-- | src/crypto/modes/gcm.c | 49 |
1 files changed, 26 insertions, 23 deletions
diff --git a/src/crypto/modes/gcm.c b/src/crypto/modes/gcm.c
index 593dce8..8aac741 100644
--- a/src/crypto/modes/gcm.c
+++ b/src/crypto/modes/gcm.c
@@ -46,7 +46,7 @@
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ==================================================================== */
-#include <openssl/modes.h>
+#include <openssl/base.h>
 #include <assert.h>
 #include <string.h>
@@ -86,6 +86,9 @@
 } \
 } while (0)
+// kSizeTWithoutLower4Bits is a mask that can be used to zero the lower four
+// bits of a |size_t|.
+static const size_t kSizeTWithoutLower4Bits = (size_t) -16;
 static void gcm_init_4bit(u128 Htable[16], uint64_t H[2]) {
 u128 V;
@@ -355,7 +358,7 @@ void gcm_ghash_4bit_x86(uint64_t Xi[2], const u128 Htable[16], const uint8_t *in
 #define GCM_FUNCREF_4BIT
 static int pmull_capable(void) {
- return (OPENSSL_armcap_P & ARMV8_PMULL) != 0;
+ return CRYPTO_is_ARMv8_PMULL_capable();
 }
 void gcm_init_v8(u128 Htable[16], const uint64_t Xi[2]);
@@ -403,7 +406,7 @@ void gcm_ghash_neon(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
 #endif
 #endif
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block) {
+GCM128_CONTEXT *CRYPTO_gcm128_new(const void *key, block128_f block) {
 GCM128_CONTEXT *ret;
 ret = (GCM128_CONTEXT *)OPENSSL_malloc(sizeof(GCM128_CONTEXT));
@@ -414,7 +417,8 @@ GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block) {
 return ret;
 }
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block) {
+void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, const void *key,
+ block128_f block) {
 const union {
 long one;
 char little;
@@ -422,7 +426,6 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block) {
 memset(ctx, 0, sizeof(*ctx));
 ctx->block = block;
- ctx->key = key;
 (*block)(ctx->H.c, ctx->H.c, key);
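Review bot: With `- ctx->key = key;` removed in the last hunk above, the context keeps the hash subkey that init derives via `(*block)(ctx->H.c, ctx->H.c, key)` but no reference to the key itself, so nothing ties the `key` later passed to `CRYPTO_gcm128_setiv`, `CRYPTO_gcm128_encrypt`, `CRYPTO_gcm128_decrypt` and the two `_ctr32` variants (the following hunks) to the one used at init. A caller that passes a different key would get EK0 and the keystream under one key and GHASH under another with no error, and `const void *` gives the compiler nothing to check. The contract should be written on each of these functions, for example `// |key| must be the same key that was passed to |CRYPTO_gcm128_init|.`; the public header is not part of this diff and presumably needs the same sentence. The body of CRYPTO_gcm128_init continues outside the hunk.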
@@ -488,7 +491,8 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block) {
 #endif
 }
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const uint8_t *iv, size_t len) {
+void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const void *key,
+ const uint8_t *iv, size_t len) {
 const union {
 long one;
 char little;
@@ -556,7 +560,7 @@ void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const uint8_t *iv, size_t len) {
 }
 }
- (*ctx->block)(ctx->Yi.c, ctx->EK0.c, ctx->key);
+ (*ctx->block)(ctx->Yi.c, ctx->EK0.c, key);
 ++ctr;
 if (is_endian.little) {
 PUTU32(ctx->Yi.c + 12, ctr);
@@ -629,8 +633,9 @@ int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad, size_t len) {
 return 1;
 }
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const unsigned char *in,
- unsigned char *out, size_t len) {
+int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const void *key,
+ const unsigned char *in, unsigned char *out,
+ size_t len) {
 const union {
 long one;
 char little;
@@ -639,7 +644,6 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const unsigned char *in,
 size_t i;
 uint64_t mlen = ctx->len.u[1];
 block128_f block = ctx->block;
- void *key = ctx->key;
 #ifdef GCM_FUNCREF_4BIT
 void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) = ctx->gmult;
 #ifdef GHASH
@@ -789,8 +793,9 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const unsigned char *in,
 return 1;
 }
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const unsigned char *in,
- unsigned char *out, size_t len) {
+int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const void *key,
+ const unsigned char *in, unsigned char *out,
+ size_t len) {
 const union {
 long one;
 char little;
@@ -799,7 +804,6 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const unsigned char *in,
 size_t i;
 uint64_t mlen = ctx->len.u[1];
 block128_f block = ctx->block;
- void *key = ctx->key;
 #ifdef GCM_FUNCREF_4BIT
 void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) = ctx->gmult;
 #ifdef GHASH
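Review bot: The rewritten `CRYPTO_gcm128_encrypt` and `CRYPTO_gcm128_decrypt` signatures keep `const unsigned char *in, unsigned char *out`, while `CRYPTO_gcm128_setiv` in this same diff and the `_ctr32` variants use `uint8_t` for their byte buffers. Since both prototypes are being re-wrapped anyway, `const uint8_t *in, uint8_t *out,` would make the family consistent; the matching declarations in the header, which this diff does not show, would change with them. Both function bodies continue outside these hunks.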
@@ -956,16 +960,15 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const unsigned char *in,
 return 1;
 }
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
- uint8_t *out, size_t len, ctr128_f stream) {
+int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const void *key,
+ const uint8_t *in, uint8_t *out, size_t len,
+ ctr128_f stream) {
 const union {
 long one;
 char little;
 } is_endian = {1};
 unsigned int n, ctr;
- size_t i;
 uint64_t mlen = ctx->len.u[1];
- void *key = ctx->key;
 #ifdef GCM_FUNCREF_4BIT
 void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) = ctx->gmult;
 #ifdef GHASH
@@ -1022,7 +1025,8 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
 len -= GHASH_CHUNK;
 }
 #endif
- if ((i = (len & (size_t) - 16))) {
+ size_t i = len & kSizeTWithoutLower4Bits;
+ if (i != 0) {
 size_t j = i / 16;
 (*stream)(in, out, j, key, ctx->Yi.c);
@@ -1065,17 +1069,15 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
 return 1;
 }
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
- uint8_t *out, size_t len,
+int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const void *key,
+ const uint8_t *in, uint8_t *out, size_t len,
 ctr128_f stream) {
 const union {
 long one;
 char little;
 } is_endian = {1};
 unsigned int n, ctr;
- size_t i;
 uint64_t mlen = ctx->len.u[1];
- void *key = ctx->key;
 #ifdef GCM_FUNCREF_4BIT
 void (*gcm_gmult_p)(uint64_t Xi[2], const u128 Htable[16]) = ctx->gmult;
 #ifdef GHASH
@@ -1134,7 +1136,8 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
 len -= GHASH_CHUNK;
 }
 #endif
- if ((i = (len & (size_t) - 16))) {
+ size_t i = len & kSizeTWithoutLower4Bits;
+ if (i != 0) {
 size_t j = i / 16;
 #if defined(GHASH) |