diff options
author | Niels Möller <nisse@lysator.liu.se> | 2023-01-25 14:07:12 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2023-02-06 20:23:08 +0100 |
commit | fda0d425f3cf876cbb4d34d5857c5b29a9f02cc1 (patch) | |
tree | 968534444fd264a4a14cbde4e42550bb5705122e | |
parent | d67fdaf6cecb16a9d2e093770488052f1d0944aa (diff) | |
download | nettle-fda0d425f3cf876cbb4d34d5857c5b29a9f02cc1.tar.gz |
Add shared helper functions for ocb_encrypt and ocb_decrypt.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | ocb.c | 62 |
2 files changed, 42 insertions, 24 deletions
@@ -6,6 +6,10 @@ 2023-01-25 Niels Möller <nisse@lysator.liu.se> + * ocb.c (ocb_crypt_n, ocb_checksum_n): New functions, processing + complete blocks. + (ocb_encrypt, ocb_decrypt): Use new functions. + * testsuite/ocb-test.c (test_main): Add tests with larger messages. * examples/nettle-benchmark.c (main): Benchmark ocb_aes128. @@ -159,36 +159,55 @@ ocb_update (struct ocb_ctx *ctx, const struct ocb_key *key, } } -void -ocb_encrypt (struct ocb_ctx *ctx, const struct ocb_key *key, +/* Process n complete blocks (encrypt or decrypt, checksum left to caller). */ +static void +ocb_crypt_n (struct ocb_ctx *ctx, const struct ocb_key *key, const void *cipher, nettle_cipher_func *f, - size_t length, uint8_t *dst, const uint8_t *src) + size_t n, uint8_t *dst, const uint8_t *src) { - if (ctx->message_count == 0) - ctx->offset = ctx->initial; - - for (; length >= OCB_BLOCK_SIZE; - length -= OCB_BLOCK_SIZE, src += OCB_BLOCK_SIZE, dst += OCB_BLOCK_SIZE) + for (; n > 0; n--, src += OCB_BLOCK_SIZE, dst += OCB_BLOCK_SIZE) { union nettle_block16 block; - memxor (ctx->checksum.b, src, OCB_BLOCK_SIZE); update_offset (key, &ctx->offset, ++ctx->message_count); memxor3 (block.b, ctx->offset.b, src, OCB_BLOCK_SIZE); f (cipher, OCB_BLOCK_SIZE, block.b, block.b); - memxor3 (dst, ctx->offset.b, block.b, OCB_BLOCK_SIZE); } +} + +/* Checksum of n complete blocks. */ +static void +ocb_checksum_n (union nettle_block16 *checksum, + size_t n, const uint8_t *src) +{ + for (; n > 0; n--, src += OCB_BLOCK_SIZE) + memxor (checksum->b, src, OCB_BLOCK_SIZE); +} + +void +ocb_encrypt (struct ocb_ctx *ctx, const struct ocb_key *key, + const void *cipher, nettle_cipher_func *f, + size_t length, uint8_t *dst, const uint8_t *src) +{ + size_t n = length / OCB_BLOCK_SIZE; + + if (ctx->message_count == 0) + ctx->offset = ctx->initial; + ocb_checksum_n (&ctx->checksum, n, src); + ocb_crypt_n (ctx, key, cipher, f, n, dst, src); + + length &= 15; if (length > 0) { union nettle_block16 block; - pad_block (&block, length, src); + pad_block (&block, length, src + n*OCB_BLOCK_SIZE); block16_xor (&ctx->checksum, &block); block16_xor (&ctx->offset, &key->L[0]); f (cipher, OCB_BLOCK_SIZE, block.b, ctx->offset.b); - memxor3 (dst, block.b, src, length); + memxor3 (dst + n*OCB_BLOCK_SIZE, block.b, src, length); ctx->message_count++; } } @@ -199,26 +218,21 @@ ocb_decrypt (struct ocb_ctx *ctx, const struct ocb_key *key, const void *decrypt_ctx, nettle_cipher_func *decrypt, size_t length, uint8_t *dst, const uint8_t *src) { + size_t n = length / OCB_BLOCK_SIZE; + if (ctx->message_count == 0) ctx->offset = ctx->initial; - for (; length >= OCB_BLOCK_SIZE; - length -= OCB_BLOCK_SIZE, src += OCB_BLOCK_SIZE, dst += OCB_BLOCK_SIZE) - { - union nettle_block16 block; - update_offset (key, &ctx->offset, ++ctx->message_count); - - memxor3 (block.b, ctx->offset.b, src, OCB_BLOCK_SIZE); - decrypt (decrypt_ctx, OCB_BLOCK_SIZE, block.b, block.b); - - memxor3 (dst, ctx->offset.b, block.b, OCB_BLOCK_SIZE); - memxor (ctx->checksum.b, dst, OCB_BLOCK_SIZE); - } + ocb_crypt_n (ctx, key, decrypt_ctx, decrypt, n, dst, src); + ocb_checksum_n (&ctx->checksum, n, dst); + length &= 15; if (length > 0) { union nettle_block16 block; + src += n*OCB_BLOCK_SIZE; dst += n*OCB_BLOCK_SIZE; + block16_xor (&ctx->offset, &key->L[0]); encrypt (encrypt_ctx, OCB_BLOCK_SIZE, block.b, ctx->offset.b); memxor3 (dst, block.b, src, length); |