[openssl] master update

Richard Levitte levitte at openssl.org
Tue Jan 14 13:58:21 UTC 2020


The branch master has been updated
       via  7c66ad65f959fa05ad7b95b0c84384d6e63e56f1 (commit)
      from  8f020c3da571fd56c4a1ce16daad553193549a67 (commit)


- Log -----------------------------------------------------------------
commit 7c66ad65f959fa05ad7b95b0c84384d6e63e56f1
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jan 8 14:58:34 2020 +0100

    PROV: Fix mixup between general and specialized GCM implementations
    
    providers/implementations/ciphers/ciphercommon_gcm_hw.c had an AES
    specific GCM update function, while
    providers/implementations/ciphers/cipher_aria_gcm_hw.c had the more
    general implementation.
    
    This moves them around to have the more general implementation in the
    common source, and place the AES specialiation where it belongs.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/10783)

-----------------------------------------------------------------------

Summary of changes:
 .../implementations/ciphers/cipher_aes_gcm_hw.c    | 71 +++++++++++++++++++++-
 .../ciphers/cipher_aes_gcm_hw_aesni.inc            |  2 +-
 .../ciphers/cipher_aes_gcm_hw_armv8.inc            |  2 +-
 .../ciphers/cipher_aes_gcm_hw_t4.inc               |  2 +-
 .../implementations/ciphers/cipher_aria_gcm_hw.c   | 15 +----
 .../implementations/ciphers/ciphercommon_gcm_hw.c  | 60 ++----------------
 6 files changed, 76 insertions(+), 76 deletions(-)

diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw.c b/providers/implementations/ciphers/cipher_aes_gcm_hw.c
index 0eb799451d..76c9b00c53 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw.c
@@ -17,7 +17,7 @@
 
 #include "cipher_aes_gcm.h"
 
-static int generic_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
+static int aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
                                    size_t keylen)
 {
     PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx;
@@ -59,11 +59,76 @@ static int generic_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
     return 1;
 }
 
+static int generic_aes_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
+                                         size_t len, unsigned char *out)
+{
+    if (ctx->enc) {
+        if (ctx->ctr != NULL) {
+#if defined(AES_GCM_ASM)
+            size_t bulk = 0;
+
+            if (len >= AES_GCM_ENC_BYTES && AES_GCM_ASM(ctx)) {
+                size_t res = (16 - ctx->gcm.mres) % 16;
+
+                if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, res))
+                    return 0;
+
+                bulk = AES_gcm_encrypt(in + res, out + res, len - res,
+                                       ctx->gcm.key,
+                                       ctx->gcm.Yi.c, ctx->gcm.Xi.u);
+
+                ctx->gcm.len.u[1] += bulk;
+                bulk += res;
+            }
+            if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,
+                                            len - bulk, ctx->ctr))
+                return 0;
+#else
+            if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in, out, len, ctx->ctr))
+                return 0;
+#endif /* AES_GCM_ASM */
+        } else {
+            if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len))
+                return 0;
+        }
+    } else {
+        if (ctx->ctr != NULL) {
+#if defined(AES_GCM_ASM)
+            size_t bulk = 0;
+
+            if (len >= AES_GCM_DEC_BYTES && AES_GCM_ASM(ctx)) {
+                size_t res = (16 - ctx->gcm.mres) % 16;
+
+                if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, res))
+                    return -1;
+
+                bulk = AES_gcm_decrypt(in + res, out + res, len - res,
+                                       ctx->gcm.key,
+                                       ctx->gcm.Yi.c, ctx->gcm.Xi.u);
+
+                ctx->gcm.len.u[1] += bulk;
+                bulk += res;
+            }
+            if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,
+                                            len - bulk, ctx->ctr))
+                return 0;
+#else
+            if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in, out, len, ctx->ctr))
+                return 0;
+#endif /* AES_GCM_ASM */
+        } else {
+            if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, len))
+                return 0;
+        }
+    }
+    return 1;
+}
+
 static const PROV_GCM_HW aes_gcm = {
-    generic_aes_gcm_initkey,
+    aes_gcm_initkey,
     gcm_setiv,
     gcm_aad_update,
-    gcm_cipher_update,
+    generic_aes_gcm_cipher_update,
     gcm_cipher_final,
     gcm_one_shot
 };
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_aesni.inc
index 2fc86982c0..ce558dc26e 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_aesni.inc
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_aesni.inc
@@ -26,7 +26,7 @@ static const PROV_GCM_HW aesni_gcm = {
     aesni_gcm_initkey,
     gcm_setiv,
     gcm_aad_update,
-    gcm_cipher_update,
+    generic_aes_gcm_cipher_update,
     gcm_cipher_final,
     gcm_one_shot
 };
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc
index 4e8cc9c54e..6f3c545369 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc
@@ -72,7 +72,7 @@ static const PROV_GCM_HW armv8_aes_gcm = {
     armv8_aes_gcm_initkey,
     gcm_setiv,
     gcm_aad_update,
-    gcm_cipher_update,
+    generic_aes_gcm_cipher_update,
     gcm_cipher_final,
     gcm_one_shot
 };
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.inc
index cc7d4ba528..c45a449302 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.inc
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.inc
@@ -42,7 +42,7 @@ static const PROV_GCM_HW t4_aes_gcm = {
     t4_aes_gcm_initkey,
     gcm_setiv,
     gcm_aad_update,
-    gcm_cipher_update,
+    generic_aes_gcm_cipher_update,
     gcm_cipher_final,
     gcm_one_shot
 };
diff --git a/providers/implementations/ciphers/cipher_aria_gcm_hw.c b/providers/implementations/ciphers/cipher_aria_gcm_hw.c
index ed1e1851dc..04db40b53b 100644
--- a/providers/implementations/ciphers/cipher_aria_gcm_hw.c
+++ b/providers/implementations/ciphers/cipher_aria_gcm_hw.c
@@ -23,24 +23,11 @@ static int aria_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
     return 1;
 }
 
-static int aria_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
-                              size_t len, unsigned char *out)
-{
-    if (ctx->enc) {
-        if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len))
-            return 0;
-    } else {
-        if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, len))
-            return 0;
-    }
-    return 1;
-}
-
 static const PROV_GCM_HW aria_gcm = {
     aria_gcm_initkey,
     gcm_setiv,
     gcm_aad_update,
-    aria_cipher_update,
+    gcm_cipher_update,
     gcm_cipher_final,
     gcm_one_shot
 };
diff --git a/providers/implementations/ciphers/ciphercommon_gcm_hw.c b/providers/implementations/ciphers/ciphercommon_gcm_hw.c
index 1114c36b3f..e5998c4aa4 100644
--- a/providers/implementations/ciphers/ciphercommon_gcm_hw.c
+++ b/providers/implementations/ciphers/ciphercommon_gcm_hw.c
@@ -26,63 +26,11 @@ int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
                       size_t len, unsigned char *out)
 {
     if (ctx->enc) {
-        if (ctx->ctr != NULL) {
-#if defined(AES_GCM_ASM)
-            size_t bulk = 0;
-
-            if (len >= AES_GCM_ENC_BYTES && AES_GCM_ASM(ctx)) {
-                size_t res = (16 - ctx->gcm.mres) % 16;
-
-                if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, res))
-                    return 0;
-
-                bulk = AES_gcm_encrypt(in + res, out + res, len - res,
-                                       ctx->gcm.key,
-                                       ctx->gcm.Yi.c, ctx->gcm.Xi.u);
-
-                ctx->gcm.len.u[1] += bulk;
-                bulk += res;
-            }
-            if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,
-                                            len - bulk, ctx->ctr))
-                return 0;
-#else
-            if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in, out, len, ctx->ctr))
-                return 0;
-#endif /* AES_GCM_ASM */
-        } else {
-            if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len))
-                return 0;
-        }
+        if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len))
+            return 0;
     } else {
-        if (ctx->ctr != NULL) {
-#if defined(AES_GCM_ASM)
-            size_t bulk = 0;
-
-            if (len >= AES_GCM_DEC_BYTES && AES_GCM_ASM(ctx)) {
-                size_t res = (16 - ctx->gcm.mres) % 16;
-
-                if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, res))
-                    return -1;
-
-                bulk = AES_gcm_decrypt(in + res, out + res, len - res,
-                                       ctx->gcm.key,
-                                       ctx->gcm.Yi.c, ctx->gcm.Xi.u);
-
-                ctx->gcm.len.u[1] += bulk;
-                bulk += res;
-            }
-            if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in + bulk, out + bulk,
-                                            len - bulk, ctx->ctr))
-                return 0;
-#else
-            if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in, out, len, ctx->ctr))
-                return 0;
-#endif /* AES_GCM_ASM */
-        } else {
-            if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, len))
-                return 0;
-        }
+        if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, len))
+            return 0;
     }
     return 1;
 }


More information about the openssl-commits mailing list