Use mbedtls_xor in AES

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2022-11-22 15:02:54 +00:00
parent 4413b6690f
commit a8cf607458


@ -978,7 +978,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
int i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char temp[16]; unsigned char temp[16];
@ -1009,8 +1008,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
for( i = 0; i < 16; i++ ) mbedtls_xor( output, output, iv, 16 );
output[i] = (unsigned char)( output[i] ^ iv[i] );
memcpy( iv, temp, 16 ); memcpy( iv, temp, 16 );
@ -1023,8 +1021,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
{ {
while( length > 0 ) while( length > 0 )
{ {
for( i = 0; i < 16; i++ ) mbedtls_xor( output, input, iv, 16 );
output[i] = (unsigned char)( input[i] ^ iv[i] );
ret = mbedtls_aes_crypt_ecb( ctx, mode, output, output ); ret = mbedtls_aes_crypt_ecb( ctx, mode, output, output );
if( ret != 0 ) if( ret != 0 )
@ -1106,8 +1103,6 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
while( blocks-- ) while( blocks-- )
{ {
size_t i;
if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 ) if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 )
{ {
/* We are on the last block in a decrypt operation that has /* We are on the last block in a decrypt operation that has
@ -1119,15 +1114,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
mbedtls_gf128mul_x_ble( tweak, tweak ); mbedtls_gf128mul_x_ble( tweak, tweak );
} }
for( i = 0; i < 16; i++ ) mbedtls_xor( tmp, input, tweak, 16 );
tmp[i] = input[i] ^ tweak[i];
ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );
for( i = 0; i < 16; i++ ) mbedtls_xor( output, tmp, tweak, 16 );
output[i] = tmp[i] ^ tweak[i];
/* Update the tweak for the next block. */ /* Update the tweak for the next block. */
mbedtls_gf128mul_x_ble( tweak, tweak ); mbedtls_gf128mul_x_ble( tweak, tweak );
@ -1147,20 +1140,19 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
size_t i; size_t i;
unsigned char *prev_output = output - 16; unsigned char *prev_output = output - 16;
/* Copy ciphertext bytes from the previous block to our output for each /* Copy the remainder of the input for this final round. */
* byte of ciphertext we won't steal. At the same time, copy the
* remainder of the input for this final round (since the loop bounds
* are the same). */
for( i = 0; i < leftover; i++ ) for( i = 0; i < leftover; i++ )
{ {
output[i] = prev_output[i]; output[i] = prev_output[i];
tmp[i] = input[i] ^ t[i];
} }
/* Copy ciphertext bytes from the previous block to our output for each
* byte of ciphertext we won't steal. */
mbedtls_xor( tmp, input, t, leftover );
/* Copy ciphertext bytes from the previous block for input in this /* Copy ciphertext bytes from the previous block for input in this
* round. */ * round. */
for( ; i < 16; i++ ) mbedtls_xor( tmp + i, prev_output + i, t + i, 16 - i );
tmp[i] = prev_output[i] ^ t[i];
ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp );
if( ret != 0 ) if( ret != 0 )
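Review bot: The two comments in the partial-block path are now attached to the wrong statements: the loop `for( i = 0; i < leftover; i++ )` copies `prev_output` into `output` (the ciphertext bytes that are not stolen) but is headed "Copy the remainder of the input for this final round.", while the "Copy ciphertext bytes from the previous block to our output …" comment sits above `mbedtls_xor( tmp, input, t, leftover );`, which is the statement that actually consumes the input remainder — swapping the two comments makes each describe the line below it. Separately, `mbedtls_xor( tmp + i, prev_output + i, t + i, 16 - i );` depends on `i` still holding `leftover` after the loop; writing `mbedtls_xor( tmp + leftover, prev_output + leftover, t + leftover, 16 - leftover );` states the bound directly and stays correct if the loop is later rewritten. The in-place calls such as `mbedtls_xor( output, output, iv, 16 )` in the CBC hunks are fine only if mbedtls_xor's contract allows the result buffer to alias an input, which is worth confirming against its declaration since the page does not show it. The enclosing function mbedtls_aes_crypt_xts continues outside the hunk.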
@ -1168,8 +1160,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
/* Write the result back to the previous block, overriding the previous /* Write the result back to the previous block, overriding the previous
* output we copied. */ * output we copied. */
for( i = 0; i < 16; i++ ) mbedtls_xor( prev_output, tmp, t, 16 );
prev_output[i] = tmp[i] ^ t[i];
} }
return( 0 ); return( 0 );