author | Niels Möller <nisse@lysator.liu.se> | 2021-09-14 14:40:35 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2021-09-14 14:40:35 +0200 |
commit | 55584f4e7ce91f3e1c3b68f900a88d2ad680ae8d (patch) | |
tree | d63d2052df3d9adad9923d3378a293facce99c1d | |
parent | 7a966ac3869b7b8d94fb92740415ad71bbbdeee7 (diff) | |
download | nettle-55584f4e7ce91f3e1c3b68f900a88d2ad680ae8d.tar.gz |
Change CBC-AES interface
* cbc.h (cbc_aes128_encrypt, cbc_aes192_encrypt)
(cbc_aes256_encrypt): Change interface, take cipher context
pointer and iv as separate arguments. Update C and x86_64
implementations and corresponding glue code.
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | cbc-aes128-encrypt.c | 8 | ||||
-rw-r--r-- | cbc-aes192-encrypt.c | 8 | ||||
-rw-r--r-- | cbc-aes256-encrypt.c | 8 | ||||
-rw-r--r-- | cbc.h | 12 | ||||
-rw-r--r-- | fat-setup.h | 9 | ||||
-rw-r--r-- | fat-x86_64.c | 12 | ||||
-rw-r--r-- | nettle-internal.c | 31 | ||||
-rw-r--r-- | x86_64/aesni/cbc-aes128-encrypt.asm | 16 | ||||
-rw-r--r-- | x86_64/aesni/cbc-aes192-encrypt.asm | 16 | ||||
-rw-r--r-- | x86_64/aesni/cbc-aes256-encrypt.asm | 16 |
11 files changed, 87 insertions, 54 deletions
@@ -1,5 +1,10 @@ 2021-09-14 Niels Möller <nisse@lysator.liu.se> + * cbc.h (cbc_aes128_encrypt, cbc_aes192_encrypt) + (cbc_aes256_encrypt): Change interface, take cipher context + pointer and iv as separate arguments. Update C and x86_64 + implementations and corresponding glue code. + * testsuite/testutils.c (test_aead): Test encrypt/decrypt with message split into pieces. diff --git a/cbc-aes128-encrypt.c b/cbc-aes128-encrypt.c index 358a3d70..b13c744c 100644 --- a/cbc-aes128-encrypt.c +++ b/cbc-aes128-encrypt.c @@ -38,14 +38,16 @@ /* For fat builds */ #if HAVE_NATIVE_cbc_aes128_encrypt void -_nettle_cbc_aes128_encrypt_c(struct cbc_aes128_ctx *ctx, +_nettle_cbc_aes128_encrypt_c(const struct aes128_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); # define nettle_cbc_aes128_encrypt _nettle_cbc_aes128_encrypt_c #endif void -cbc_aes128_encrypt(struct cbc_aes128_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src) +cbc_aes128_encrypt(const struct aes128_ctx *ctx, uint8_t *iv, + size_t length, uint8_t *dst, const uint8_t *src) { - CBC_ENCRYPT(ctx, aes128_encrypt, length, dst, src); + cbc_encrypt(ctx, (nettle_cipher_func *) aes128_encrypt, + AES_BLOCK_SIZE, iv, length, dst, src); } diff --git a/cbc-aes192-encrypt.c b/cbc-aes192-encrypt.c index fa9d10b4..c23192d2 100644 --- a/cbc-aes192-encrypt.c +++ b/cbc-aes192-encrypt.c 
@@ -38,14 +38,16 @@ /* For fat builds */ #if HAVE_NATIVE_cbc_aes192_encrypt void -_nettle_cbc_aes192_encrypt_c(struct cbc_aes192_ctx *ctx, +_nettle_cbc_aes192_encrypt_c(const struct aes192_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); # define nettle_cbc_aes192_encrypt _nettle_cbc_aes192_encrypt_c #endif void -cbc_aes192_encrypt(struct cbc_aes192_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src) +cbc_aes192_encrypt(const struct aes192_ctx *ctx, uint8_t *iv, + size_t length, uint8_t *dst, const uint8_t *src) { - CBC_ENCRYPT(ctx, aes192_encrypt, length, dst, src); + cbc_encrypt(ctx, (nettle_cipher_func *) aes192_encrypt, + AES_BLOCK_SIZE, iv, length, dst, src); } diff --git a/cbc-aes256-encrypt.c b/cbc-aes256-encrypt.c index 72dd7d83..14c6d9f0 100644 --- a/cbc-aes256-encrypt.c +++ b/cbc-aes256-encrypt.c @@ -38,14 +38,16 @@ /* For fat builds */ #if HAVE_NATIVE_cbc_aes256_encrypt void -_nettle_cbc_aes256_encrypt_c(struct cbc_aes256_ctx *ctx, +_nettle_cbc_aes256_encrypt_c(const struct aes256_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); # define nettle_cbc_aes256_encrypt _nettle_cbc_aes256_encrypt_c #endif void -cbc_aes256_encrypt(struct cbc_aes256_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src) +cbc_aes256_encrypt(const struct aes256_ctx *ctx, uint8_t *iv, + size_t length, uint8_t *dst, const uint8_t *src) { - CBC_ENCRYPT(ctx, aes256_encrypt, length, dst, src); + cbc_encrypt(ctx, (nettle_cipher_func *) aes256_encrypt, + AES_BLOCK_SIZE, iv, length, dst, src); } 
@@ -83,17 +83,17 @@ memcpy((ctx)->iv, (data), sizeof((ctx)->iv)) sizeof((self)->iv), (self)->iv, \ (length), (dst), (src))) -struct cbc_aes128_ctx CBC_CTX(struct aes128_ctx, AES_BLOCK_SIZE); void -cbc_aes128_encrypt(struct cbc_aes128_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); +cbc_aes128_encrypt(const struct aes128_ctx *ctx, uint8_t *iv, + size_t length, uint8_t *dst, const uint8_t *src); -struct cbc_aes192_ctx CBC_CTX(struct aes192_ctx, AES_BLOCK_SIZE); void -cbc_aes192_encrypt(struct cbc_aes192_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); +cbc_aes192_encrypt(const struct aes192_ctx *ctx, uint8_t *iv, + size_t length, uint8_t *dst, const uint8_t *src); -struct cbc_aes256_ctx CBC_CTX(struct aes256_ctx, AES_BLOCK_SIZE); void -cbc_aes256_encrypt(struct cbc_aes256_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); +cbc_aes256_encrypt(const struct aes256_ctx *ctx, uint8_t *iv, + size_t length, uint8_t *dst, const uint8_t *src); #ifdef __cplusplus } diff --git a/fat-setup.h b/fat-setup.h index 9ef5c22d..64b27244 100644 --- a/fat-setup.h +++ b/fat-setup.h @@ -214,12 +214,9 @@ typedef void aes256_invert_key_func (struct aes256_ctx *dst, const struct aes256 typedef void aes256_crypt_func (const struct aes256_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); -struct cbc_aes128_ctx; -typedef void cbc_aes128_encrypt_func (struct cbc_aes128_ctx *ctx, +typedef void cbc_aes128_encrypt_func (const struct aes128_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); -struct cbc_aes192_ctx; -typedef void cbc_aes192_encrypt_func (struct cbc_aes192_ctx *ctx, +typedef void cbc_aes192_encrypt_func (const struct aes192_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); -struct cbc_aes256_ctx; -typedef void cbc_aes256_encrypt_func (struct cbc_aes256_ctx *ctx, +typedef void cbc_aes256_encrypt_func (const struct aes256_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); 
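Review bot: The three new prototypes (cbc.h, per the diffstat) have no comment stating the `iv` and `length` contract, which matters more now that `iv` is a bare caller-owned pointer rather than a field of a sized context struct. I would add above them something like `/* iv must point to AES_BLOCK_SIZE writable bytes and is overwritten with the chaining value for the next call; length must be a multiple of AES_BLOCK_SIZE. */`. The length requirement is worth spelling out because the x86_64 versions in this commit begin with `shr $4, LENGTH`, so a trailing partial block is silently skipped there. Whether the C path through `cbc_encrypt` handles that case the same way is not visible on this page.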
diff --git a/fat-x86_64.c b/fat-x86_64.c index b5da39a1..30551cb2 100644 --- a/fat-x86_64.c +++ b/fat-x86_64.c @@ -262,17 +262,17 @@ DEFINE_FAT_FUNC(nettle_aes256_decrypt, void, (ctx, length, dst, src)) DEFINE_FAT_FUNC(nettle_cbc_aes128_encrypt, void, - (struct cbc_aes128_ctx *ctx, + (const struct aes128_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src), - (ctx, length, dst, src)) + (ctx, iv, length, dst, src)) DEFINE_FAT_FUNC(nettle_cbc_aes192_encrypt, void, - (struct cbc_aes192_ctx *ctx, + (const struct aes192_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src), - (ctx, length, dst, src)) + (ctx, iv, length, dst, src)) DEFINE_FAT_FUNC(nettle_cbc_aes256_encrypt, void, - (struct cbc_aes256_ctx *ctx, + (const struct aes256_ctx *ctx, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src), - (ctx, length, dst, src)) + (ctx, iv, length, dst, src)) DEFINE_FAT_FUNC(nettle_memxor, void *, (void *dst, const void *src, size_t n), diff --git a/nettle-internal.c b/nettle-internal.c index e2422a5b..dd293227 100644 --- a/nettle-internal.c +++ b/nettle-internal.c @@ -152,6 +152,7 @@ nettle_salsa20r12 = { NULL, }; +struct cbc_aes128_ctx CBC_CTX(struct aes128_ctx, AES_BLOCK_SIZE); static void cbc_aes128_set_encrypt_key(struct cbc_aes128_ctx *ctx, const uint8_t *key) { @@ -162,6 +163,14 @@ cbc_aes128_set_iv(struct cbc_aes128_ctx *ctx, const uint8_t *iv) { CBC_SET_IV(ctx, iv); } +static void +cbc_aes128_encrypt_wrapper(struct cbc_aes128_ctx *ctx, + size_t length, uint8_t *dst, + const uint8_t *src) +{ + cbc_aes128_encrypt(&ctx->ctx, ctx->iv, length, dst, src); +} + const struct nettle_aead nettle_cbc_aes128 = { "cbc_aes128", sizeof(struct cbc_aes128_ctx), 
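Review bot: `cbc_aes128_encrypt_wrapper` takes a `struct cbc_aes128_ctx *` first parameter and is then registered in the `nettle_aead` table through a `(nettle_crypt_func *)` cast in the following hunk, so it is only ever called through a pointer of a different function type. Since the wrapper is new, file-static and exists only for that table, it could use the table's own signature and drop the cast. Assuming `nettle_crypt_func` takes `void *ctx` (its typedef is not on this page), declare it as `cbc_aes128_encrypt_wrapper(void *ctx, size_t length, uint8_t *dst, const uint8_t *src)` and start the body with `struct cbc_aes128_ctx *c = ctx;`. Calls through an incompatible function pointer type are undefined in ISO C and are rejected by indirect-call CFI checks, so avoiding them in new code is cheap hardening. The same applies to the aes192 and aes256 wrappers in the later nettle-internal.c hunks.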
@@ -171,11 +180,12 @@ nettle_cbc_aes128 = { NULL, (nettle_set_key_func*) cbc_aes128_set_iv, NULL, - (nettle_crypt_func *) cbc_aes128_encrypt, + (nettle_crypt_func *) cbc_aes128_encrypt_wrapper, NULL, NULL, }; +struct cbc_aes192_ctx CBC_CTX(struct aes192_ctx, AES_BLOCK_SIZE); static void cbc_aes192_set_encrypt_key(struct cbc_aes192_ctx *ctx, const uint8_t *key) { @@ -186,6 +196,13 @@ cbc_aes192_set_iv(struct cbc_aes192_ctx *ctx, const uint8_t *iv) { CBC_SET_IV(ctx, iv); } +static void +cbc_aes192_encrypt_wrapper(struct cbc_aes192_ctx *ctx, + size_t length, uint8_t *dst, + const uint8_t *src) +{ + cbc_aes192_encrypt(&ctx->ctx, ctx->iv, length, dst, src); +} const struct nettle_aead nettle_cbc_aes192 = { "cbc_aes192", sizeof(struct cbc_aes192_ctx), @@ -195,11 +212,12 @@ nettle_cbc_aes192 = { NULL, (nettle_set_key_func*) cbc_aes192_set_iv, NULL, - (nettle_crypt_func *) cbc_aes192_encrypt, + (nettle_crypt_func *) cbc_aes192_encrypt_wrapper, NULL, NULL, }; +struct cbc_aes256_ctx CBC_CTX(struct aes256_ctx, AES_BLOCK_SIZE); static void cbc_aes256_set_encrypt_key(struct cbc_aes256_ctx *ctx, const uint8_t *key) { @@ -210,6 +228,13 @@ cbc_aes256_set_iv(struct cbc_aes256_ctx *ctx, const uint8_t *iv) { CBC_SET_IV(ctx, iv); } +static void +cbc_aes256_encrypt_wrapper(struct cbc_aes256_ctx *ctx, + size_t length, uint8_t *dst, + const uint8_t *src) +{ + cbc_aes256_encrypt(&ctx->ctx, ctx->iv, length, dst, src); +} const struct nettle_aead nettle_cbc_aes256 = { "cbc_aes256", sizeof(struct cbc_aes256_ctx), @@ -219,7 +244,7 @@ nettle_cbc_aes256 = { NULL, (nettle_set_key_func*) cbc_aes256_set_iv, NULL, - (nettle_crypt_func *) cbc_aes256_encrypt, + (nettle_crypt_func *) cbc_aes256_encrypt_wrapper, NULL, NULL, }; diff --git a/x86_64/aesni/cbc-aes128-encrypt.asm b/x86_64/aesni/cbc-aes128-encrypt.asm index 7375dadd..c780b35e 100644 --- a/x86_64/aesni/cbc-aes128-encrypt.asm +++ b/x86_64/aesni/cbc-aes128-encrypt.asm 
@@ -32,9 +32,10 @@ ifelse(` C Input argument define(`CTX', `%rdi') -define(`LENGTH',`%rsi') -define(`DST', `%rdx') -define(`SRC', `%rcx') +define(`IV', `%rsi') +define(`LENGTH',`%rdx') +define(`DST', `%rcx') +define(`SRC', `%r8') define(`KEY0', `%xmm0') define(`KEY1', `%xmm1') @@ -59,7 +60,7 @@ define(`BLOCK', `%xmm12') .text ALIGN(16) PROLOGUE(nettle_cbc_aes128_encrypt) - W64_ENTRY(4, 13) + W64_ENTRY(5, 13) shr $4, LENGTH test LENGTH, LENGTH jz .Lend @@ -75,7 +76,7 @@ PROLOGUE(nettle_cbc_aes128_encrypt) movups 128(CTX), KEY8 movups 144(CTX), KEY9 movups 160(CTX), KEY10 - movups 176(CTX), X C Load IV + movups (IV), X .Lblock_loop: movups (SRC), BLOCK C Cleartext block @@ -99,10 +100,9 @@ PROLOGUE(nettle_cbc_aes128_encrypt) dec LENGTH jnz .Lblock_loop - C Save IV - movups X, 176(CTX) + movups X, (IV) .Lend: - W64_EXIT(4, 13) + W64_EXIT(5, 13) ret EPILOGUE(nettle_cbc_aes128_encrypt) diff --git a/x86_64/aesni/cbc-aes192-encrypt.asm b/x86_64/aesni/cbc-aes192-encrypt.asm index 2438d91f..13825162 100644 --- a/x86_64/aesni/cbc-aes192-encrypt.asm +++ b/x86_64/aesni/cbc-aes192-encrypt.asm @@ -32,9 +32,10 @@ ifelse(` C Input argument define(`CTX', `%rdi') -define(`LENGTH',`%rsi') -define(`DST', `%rdx') -define(`SRC', `%rcx') +define(`IV', `%rsi') +define(`LENGTH',`%rdx') +define(`DST', `%rcx') +define(`SRC', `%r8') define(`KEY0', `%xmm0') define(`KEY1', `%xmm1') @@ -61,7 +62,7 @@ define(`BLOCK', `%xmm14') .text ALIGN(16) PROLOGUE(nettle_cbc_aes192_encrypt) - W64_ENTRY(4, 15) + W64_ENTRY(5, 15) shr $4, LENGTH test LENGTH, LENGTH jz .Lend @@ -79,7 +80,7 @@ PROLOGUE(nettle_cbc_aes192_encrypt) movups 160(CTX), KEY10 movups 176(CTX), KEY11 movups 192(CTX), KEY12 - movups 208(CTX), X C Load IV + movups (IV), X .Lblock_loop: movups (SRC), BLOCK C Cleartext block @@ -105,10 +106,9 @@ PROLOGUE(nettle_cbc_aes192_encrypt) dec LENGTH jnz .Lblock_loop - C Save IV - movups X, 208(CTX) + movups X, (IV) .Lend: - W64_EXIT(4, 15) + W64_EXIT(5, 15) ret EPILOGUE(nettle_cbc_aes192_encrypt) 
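Review bot: The rewritten IV load and store drop the `C Load IV` and `C Save IV` comments that the removed lines carried, even though these are now the two places where the routine reads and writes caller-owned memory through the separate `IV` pointer. I would keep them, e.g. `movups (IV), X C Load IV` and `C Save IV for the next call` above `movups X, (IV)`. A short comment at the `jz .Lend` early exit would also help, noting that `(IV)` is left untouched when `LENGTH` is less than one block. The same lines appear in the aes192 hunks on this line and in cbc-aes256-encrypt.asm. The block loop body lies between these hunks and is not shown.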
diff --git a/x86_64/aesni/cbc-aes256-encrypt.asm b/x86_64/aesni/cbc-aes256-encrypt.asm index 6b289c70..17428f19 100644 --- a/x86_64/aesni/cbc-aes256-encrypt.asm +++ b/x86_64/aesni/cbc-aes256-encrypt.asm @@ -32,9 +32,10 @@ ifelse(` C Input argument define(`CTX', `%rdi') -define(`LENGTH',`%rsi') -define(`DST', `%rdx') -define(`SRC', `%rcx') +define(`IV', `%rsi') +define(`LENGTH',`%rdx') +define(`DST', `%rcx') +define(`SRC', `%r8') define(`KEY0_7', `%xmm0') define(`KEY1', `%xmm1') @@ -63,7 +64,7 @@ define(`BLOCK', `%xmm15') .text ALIGN(16) PROLOGUE(nettle_cbc_aes256_encrypt) - W64_ENTRY(4, 16) + W64_ENTRY(5, 16) shr $4, LENGTH test LENGTH, LENGTH jz .Lend @@ -82,7 +83,7 @@ PROLOGUE(nettle_cbc_aes256_encrypt) movups 192(CTX), KEY12 movups 208(CTX), KEY13 movups 224(CTX), KEY14 - movups 240(CTX), X C Load IV + movups (IV), X .Lblock_loop: movups (SRC), BLOCK C Cleartext block @@ -112,10 +113,9 @@ PROLOGUE(nettle_cbc_aes256_encrypt) dec LENGTH jnz .Lblock_loop - C Save IV - movups X, 240(CTX) + movups X, (IV) .Lend: - W64_EXIT(4, 16) + W64_EXIT(5, 16) ret EPILOGUE(nettle_cbc_aes256_encrypt) |