Chiebot-Mirror
/
boringssl
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Make words in crypto/fipsmodule/modes actually words.

Browse Source 
It's a little confusing to have load_word_le but actually use size_t
instead of crypto_word_t.

NOTE: on some platforms, notably NaCl, crypto_word_t is larger than
size_t. (Do we still need to support this?) We don't have a good testing
story here, so I tested it by hacking up a 32-bit x86 build to think it
was OPENSSL_64_BIT.

Change-Id: Ia0ce469e86803f22655fe2d9659a6a5db766429f
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46424
Reviewed-by: Adam Langley <agl@google.com>
grpc-202302
David Benjamin 4 years ago committed by Adam Langley
parent 6b9c012b7b
commit 8d4c8fc41b
5 changed files with 33 additions and 33 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      crypto/fipsmodule/modes/cbc.c
  2. 8
      crypto/fipsmodule/modes/cfb.c
  3. 6
      crypto/fipsmodule/modes/ctr.c
  4. 26
      crypto/fipsmodule/modes/gcm.c
  5. 8
      crypto/fipsmodule/modes/internal.h

18
crypto/fipsmodule/modes/cbc.c
Unescape View File

@ -67,7 +67,7 @@ void CRYPTO_cbc128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
size_t n;
const uint8_t *iv = ivec;
while (len >= 16) {
for (n = 0; n < 16; n += sizeof(size_t)) {
for (n = 0; n < 16; n += sizeof(crypto_word_t)) {
store_word_le(out + n, load_word_le(in + n) ^ load_word_le(iv + n));
}
(*block)(out, out, key);
@ -115,19 +115,19 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len,
size_t n;
union {
size_t t[16 / sizeof(size_t)];
crypto_word_t t[16 / sizeof(crypto_word_t)];
uint8_t c[16];
} tmp;
if ((inptr >= 32 && outptr <= inptr - 32) || inptr < outptr) {
// If |out| is at least two blocks behind |in| or completely disjoint, there
// is no need to decrypt to a temporary block.
OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0,
OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0,
"block cannot be evenly divided into words");
const uint8_t *iv = ivec;
while (len >= 16) {
(*block)(in, out, key);
for (n = 0; n < 16; n += sizeof(size_t)) {
for (n = 0; n < 16; n += sizeof(crypto_word_t)) {
store_word_le(out + n, load_word_le(out + n) ^ load_word_le(iv + n));
}
iv = in;
@ -137,15 +137,15 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len,
}
OPENSSL_memcpy(ivec, iv, 16);
} else {
OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0,
OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0,
"block cannot be evenly divided into words");
while (len >= 16) {
(*block)(in, tmp.c, key);
for (n = 0; n < 16; n += sizeof(size_t)) {
size_t c = load_word_le(in + n);
store_word_le(out + n,
tmp.t[n / sizeof(size_t)] ^ load_word_le(ivec + n));
for (n = 0; n < 16; n += sizeof(crypto_word_t)) {
crypto_word_t c = load_word_le(in + n);
store_word_le(
out + n, tmp.t[n / sizeof(crypto_word_t)] ^ load_word_le(ivec + n));
store_word_le(ivec + n, c);
}
len -= 16;

8
crypto/fipsmodule/modes/cfb.c
Unescape View File

@ -72,8 +72,8 @@ void CRYPTO_cfb128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
}
while (len >= 16) {
(*block)(ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
size_t tmp = load_word_le(ivec + n) ^ load_word_le(in + n);
for (; n < 16; n += sizeof(crypto_word_t)) {
crypto_word_t tmp = load_word_le(ivec + n) ^ load_word_le(in + n);
store_word_le(ivec + n, tmp);
store_word_le(out + n, tmp);
}
@ -101,8 +101,8 @@ void CRYPTO_cfb128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
}
while (len >= 16) {
(*block)(ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
size_t t = load_word_le(in + n);
for (; n < 16; n += sizeof(crypto_word_t)) {
crypto_word_t t = load_word_le(in + n);
store_word_le(out + n, load_word_le(ivec + n) ^ t);
store_word_le(ivec + n, t);
}

6
crypto/fipsmodule/modes/ctr.c
Unescape View File

@ -69,8 +69,8 @@ static void ctr128_inc(uint8_t *counter) {
} while (n);
}
OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0,
"block cannot be divided into size_t");
OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0,
"block cannot be divided into crypto_word_t");
// The input encrypted as though 128bit counter mode is being used. The extra
// state information to record how much of the 128bit block we have used is
@ -102,7 +102,7 @@ void CRYPTO_ctr128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
while (len >= 16) {
(*block)(ivec, ecount_buf, key);
ctr128_inc(ivec);
for (n = 0; n < 16; n += sizeof(size_t)) {
for (n = 0; n < 16; n += sizeof(crypto_word_t)) {
store_word_le(out + n,
load_word_le(in + n) ^ load_word_le(ecount_buf + n));
}

26
crypto/fipsmodule/modes/gcm.c
Unescape View File

@ -73,7 +73,7 @@ static const size_t kSizeTWithoutLower4Bits = (size_t) -16;
#if defined(GHASH_ASM_X86_64) || defined(GHASH_ASM_X86)
static inline void gcm_reduce_1bit(u128 *V) {
if (sizeof(size_t) == 8) {
if (sizeof(crypto_word_t) == 8) {
uint64_t T = UINT64_C(0xe100000000000000) & (0 - (V->hi & 1));
V->hi = (V->lo << 63) | (V->hi >> 1);
V->lo = (V->lo >> 1) ^ T;
@ -377,9 +377,9 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
(*block)(ctx->Yi.c, ctx->EKi.c, key);
++ctr;
ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
for (size_t i = 0; i < 16; i += sizeof(size_t)) {
store_word_le(out + i,
load_word_le(in + i) ^ ctx->EKi.t[i / sizeof(size_t)]);
for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
store_word_le(out + i, load_word_le(in + i) ^
ctx->EKi.t[i / sizeof(crypto_word_t)]);
}
out += 16;
in += 16;
@ -394,9 +394,9 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
(*block)(ctx->Yi.c, ctx->EKi.c, key);
++ctr;
ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
for (size_t i = 0; i < 16; i += sizeof(size_t)) {
store_word_le(out + i,
load_word_le(in + i) ^ ctx->EKi.t[i / sizeof(size_t)]);
for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
store_word_le(out + i, load_word_le(in + i) ^
ctx->EKi.t[i / sizeof(crypto_word_t)]);
}
out += 16;
in += 16;
@ -468,9 +468,9 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
(*block)(ctx->Yi.c, ctx->EKi.c, key);
++ctr;
ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
for (size_t i = 0; i < 16; i += sizeof(size_t)) {
store_word_le(out + i,
load_word_le(in + i) ^ ctx->EKi.t[i / sizeof(size_t)]);
for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
store_word_le(out + i, load_word_le(in + i) ^
ctx->EKi.t[i / sizeof(crypto_word_t)]);
}
out += 16;
in += 16;
@ -485,9 +485,9 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const AES_KEY *key,
(*block)(ctx->Yi.c, ctx->EKi.c, key);
++ctr;
ctx->Yi.d[3] = CRYPTO_bswap4(ctr);
for (size_t i = 0; i < 16; i += sizeof(size_t)) {
store_word_le(out + i,
load_word_le(in + i) ^ ctx->EKi.t[i / sizeof(size_t)]);
for (size_t i = 0; i < 16; i += sizeof(crypto_word_t)) {
store_word_le(out + i, load_word_le(in + i) ^
ctx->EKi.t[i / sizeof(crypto_word_t)]);
}
out += 16;
in += 16;

8
crypto/fipsmodule/modes/internal.h
Unescape View File

@ -75,13 +75,13 @@ static inline void PUTU32(void *out, uint32_t v) {
OPENSSL_memcpy(out, &v, sizeof(v));
}
static inline size_t load_word_le(const void *in) {
size_t v;
static inline crypto_word_t load_word_le(const void *in) {
crypto_word_t v;
OPENSSL_memcpy(&v, in, sizeof(v));
return v;
}
static inline void store_word_le(void *out, size_t v) {
static inline void store_word_le(void *out, crypto_word_t v) {
OPENSSL_memcpy(out, &v, sizeof(v));
}
@ -171,7 +171,7 @@ typedef struct {
uint64_t u[2];
uint32_t d[4];
uint8_t c[16];
size_t t[16 / sizeof(size_t)];
crypto_word_t t[16 / sizeof(crypto_word_t)];
} Yi, EKi, EK0, len, Xi;
// Note that the order of |Xi| and |gcm_key| is fixed by the MOVBE-based,

Write Preview
Loading…
Cancel
Save