diff options
| author | beck <> | 2023-07-08 14:55:36 +0000 |
|---|---|---|
| committer | beck <> | 2023-07-08 14:55:36 +0000 |
| commit | 3c27356c4047c5869d9365e12ad90ccbdbb882ab (patch) | |
| tree | 8b52e2acda02335df7e6b79862b2a92ae5046a0f /src/lib/libcrypto/modes/ctr128.c | |
| parent | cfe8c9ef5ce212d7cb6e1b00c34a8835dd08c925 (diff) | |
| download | openbsd-3c27356c4047c5869d9365e12ad90ccbdbb882ab.tar.gz openbsd-3c27356c4047c5869d9365e12ad90ccbdbb882ab.tar.bz2 openbsd-3c27356c4047c5869d9365e12ad90ccbdbb882ab.zip | |
Hit modes with the loving mallet of knfmt
ok tb@
Diffstat (limited to 'src/lib/libcrypto/modes/ctr128.c')
| -rw-r--r-- | src/lib/libcrypto/modes/ctr128.c | 148 |
1 files changed, 81 insertions, 67 deletions
diff --git a/src/lib/libcrypto/modes/ctr128.c b/src/lib/libcrypto/modes/ctr128.c index eadb80449c..7ba68a9c4c 100644 --- a/src/lib/libcrypto/modes/ctr128.c +++ b/src/lib/libcrypto/modes/ctr128.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ctr128.c,v 1.9 2022/12/26 07:18:52 jmc Exp $ */ | 1 | /* $OpenBSD: ctr128.c,v 1.10 2023/07/08 14:55:36 beck Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2008 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2008 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -7,7 +7,7 @@ | |||
| 7 | * are met: | 7 | * are met: |
| 8 | * | 8 | * |
| 9 | * 1. Redistributions of source code must retain the above copyright | 9 | * 1. Redistributions of source code must retain the above copyright |
| 10 | * notice, this list of conditions and the following disclaimer. | 10 | * notice, this list of conditions and the following disclaimer. |
| 11 | * | 11 | * |
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer in | 13 | * notice, this list of conditions and the following disclaimer in |
| @@ -64,8 +64,10 @@ | |||
| 64 | * is endian-neutral. */ | 64 | * is endian-neutral. */ |
| 65 | 65 | ||
| 66 | /* increment counter (128-bit int) by 1 */ | 66 | /* increment counter (128-bit int) by 1 */ |
| 67 | static void ctr128_inc(unsigned char *counter) { | 67 | static void |
| 68 | u32 n=16; | 68 | ctr128_inc(unsigned char *counter) |
| 69 | { | ||
| 70 | u32 n = 16; | ||
| 69 | u8 c; | 71 | u8 c; |
| 70 | 72 | ||
| 71 | do { | 73 | do { |
| @@ -73,7 +75,8 @@ static void ctr128_inc(unsigned char *counter) { | |||
| 73 | c = counter[n]; | 75 | c = counter[n]; |
| 74 | ++c; | 76 | ++c; |
| 75 | counter[n] = c; | 77 | counter[n] = c; |
| 76 | if (c) return; | 78 | if (c) |
| 79 | return; | ||
| 77 | } while (n); | 80 | } while (n); |
| 78 | } | 81 | } |
| 79 | 82 | ||
| @@ -112,70 +115,76 @@ ctr128_inc_aligned(unsigned char *counter) | |||
| 112 | * responsibility for checking that the counter doesn't overflow | 115 | * responsibility for checking that the counter doesn't overflow |
| 113 | * into the rest of the IV when incremented. | 116 | * into the rest of the IV when incremented. |
| 114 | */ | 117 | */ |
| 115 | void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out, | 118 | void |
| 116 | size_t len, const void *key, | 119 | CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out, |
| 117 | unsigned char ivec[16], unsigned char ecount_buf[16], | 120 | size_t len, const void *key, |
| 118 | unsigned int *num, block128_f block) | 121 | unsigned char ivec[16], unsigned char ecount_buf[16], |
| 122 | unsigned int *num, block128_f block) | ||
| 119 | { | 123 | { |
| 120 | unsigned int n; | 124 | unsigned int n; |
| 121 | size_t l=0; | 125 | size_t l = 0; |
| 122 | 126 | ||
| 123 | assert(*num < 16); | 127 | assert(*num < 16); |
| 124 | 128 | ||
| 125 | n = *num; | 129 | n = *num; |
| 126 | 130 | ||
| 127 | #if !defined(OPENSSL_SMALL_FOOTPRINT) | 131 | #if !defined(OPENSSL_SMALL_FOOTPRINT) |
| 128 | if (16%sizeof(size_t) == 0) do { /* always true actually */ | 132 | if (16 % sizeof(size_t) == 0) |
| 129 | while (n && len) { | 133 | do { /* always true actually */ |
| 130 | *(out++) = *(in++) ^ ecount_buf[n]; | 134 | while (n && len) { |
| 131 | --len; | 135 | *(out++) = *(in++) ^ ecount_buf[n]; |
| 132 | n = (n+1) % 16; | 136 | --len; |
| 133 | } | 137 | n = (n + 1) % 16; |
| 138 | } | ||
| 134 | 139 | ||
| 135 | #ifdef __STRICT_ALIGNMENT | 140 | #ifdef __STRICT_ALIGNMENT |
| 136 | if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) | 141 | if (((size_t)in|(size_t)out|(size_t)ivec) % |
| 137 | break; | 142 | sizeof(size_t) != 0) |
| 143 | break; | ||
| 138 | #endif | 144 | #endif |
| 139 | while (len>=16) { | 145 | while (len >= 16) { |
| 140 | (*block)(ivec, ecount_buf, key); | 146 | (*block)(ivec, ecount_buf, key); |
| 141 | ctr128_inc_aligned(ivec); | 147 | ctr128_inc_aligned(ivec); |
| 142 | for (; n<16; n+=sizeof(size_t)) | 148 | for (; n < 16; n += sizeof(size_t)) |
| 143 | *(size_t *)(out+n) = | 149 | *(size_t *)(out + n) = |
| 144 | *(size_t *)(in+n) ^ *(size_t *)(ecount_buf+n); | 150 | *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + |
| 145 | len -= 16; | 151 | n); |
| 146 | out += 16; | 152 | len -= 16; |
| 147 | in += 16; | 153 | out += 16; |
| 148 | n = 0; | 154 | in += 16; |
| 149 | } | 155 | n = 0; |
| 150 | if (len) { | ||
| 151 | (*block)(ivec, ecount_buf, key); | ||
| 152 | ctr128_inc_aligned(ivec); | ||
| 153 | while (len--) { | ||
| 154 | out[n] = in[n] ^ ecount_buf[n]; | ||
| 155 | ++n; | ||
| 156 | } | 156 | } |
| 157 | } | 157 | if (len) { |
| 158 | *num = n; | 158 | (*block)(ivec, ecount_buf, key); |
| 159 | return; | 159 | ctr128_inc_aligned(ivec); |
| 160 | } while(0); | 160 | while (len--) { |
| 161 | out[n] = in[n] ^ ecount_buf[n]; | ||
| 162 | ++n; | ||
| 163 | } | ||
| 164 | } | ||
| 165 | *num = n; | ||
| 166 | return; | ||
| 167 | } while (0); | ||
| 161 | /* the rest would be commonly eliminated by x86* compiler */ | 168 | /* the rest would be commonly eliminated by x86* compiler */ |
| 162 | #endif | 169 | #endif |
| 163 | while (l<len) { | 170 | while (l < len) { |
| 164 | if (n==0) { | 171 | if (n == 0) { |
| 165 | (*block)(ivec, ecount_buf, key); | 172 | (*block)(ivec, ecount_buf, key); |
| 166 | ctr128_inc(ivec); | 173 | ctr128_inc(ivec); |
| 167 | } | 174 | } |
| 168 | out[l] = in[l] ^ ecount_buf[n]; | 175 | out[l] = in[l] ^ ecount_buf[n]; |
| 169 | ++l; | 176 | ++l; |
| 170 | n = (n+1) % 16; | 177 | n = (n + 1) % 16; |
| 171 | } | 178 | } |
| 172 | 179 | ||
| 173 | *num=n; | 180 | *num = n; |
| 174 | } | 181 | } |
| 175 | 182 | ||
| 176 | /* increment upper 96 bits of 128-bit counter by 1 */ | 183 | /* increment upper 96 bits of 128-bit counter by 1 */ |
| 177 | static void ctr96_inc(unsigned char *counter) { | 184 | static void |
| 178 | u32 n=12; | 185 | ctr96_inc(unsigned char *counter) |
| 186 | { | ||
| 187 | u32 n = 12; | ||
| 179 | u8 c; | 188 | u8 c; |
| 180 | 189 | ||
| 181 | do { | 190 | do { |
| @@ -183,16 +192,18 @@ static void ctr96_inc(unsigned char *counter) { | |||
| 183 | c = counter[n]; | 192 | c = counter[n]; |
| 184 | ++c; | 193 | ++c; |
| 185 | counter[n] = c; | 194 | counter[n] = c; |
| 186 | if (c) return; | 195 | if (c) |
| 196 | return; | ||
| 187 | } while (n); | 197 | } while (n); |
| 188 | } | 198 | } |
| 189 | 199 | ||
| 190 | void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, | 200 | void |
| 191 | size_t len, const void *key, | 201 | CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, |
| 192 | unsigned char ivec[16], unsigned char ecount_buf[16], | 202 | size_t len, const void *key, |
| 193 | unsigned int *num, ctr128_f func) | 203 | unsigned char ivec[16], unsigned char ecount_buf[16], |
| 204 | unsigned int *num, ctr128_f func) | ||
| 194 | { | 205 | { |
| 195 | unsigned int n,ctr32; | 206 | unsigned int n, ctr32; |
| 196 | 207 | ||
| 197 | assert(*num < 16); | 208 | assert(*num < 16); |
| 198 | 209 | ||
| @@ -201,19 +212,20 @@ void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, | |||
| 201 | while (n && len) { | 212 | while (n && len) { |
| 202 | *(out++) = *(in++) ^ ecount_buf[n]; | 213 | *(out++) = *(in++) ^ ecount_buf[n]; |
| 203 | --len; | 214 | --len; |
| 204 | n = (n+1) % 16; | 215 | n = (n + 1) % 16; |
| 205 | } | 216 | } |
| 206 | 217 | ||
| 207 | ctr32 = GETU32(ivec+12); | 218 | ctr32 = GETU32(ivec + 12); |
| 208 | while (len>=16) { | 219 | while (len >= 16) { |
| 209 | size_t blocks = len/16; | 220 | size_t blocks = len/16; |
| 210 | /* | 221 | /* |
| 211 | * 1<<28 is just a not-so-small yet not-so-large number... | 222 | * 1<<28 is just a not-so-small yet not-so-large number... |
| 212 | * Below condition is practically never met, but it has to | 223 | * Below condition is practically never met, but it has to |
| 213 | * be checked for code correctness. | 224 | * be checked for code correctness. |
| 214 | */ | 225 | */ |
| 215 | if (sizeof(size_t)>sizeof(unsigned int) && blocks>(1U<<28)) | 226 | if (sizeof(size_t) > sizeof(unsigned int) && |
| 216 | blocks = (1U<<28); | 227 | blocks > (1U << 28)) |
| 228 | blocks = (1U << 28); | ||
| 217 | /* | 229 | /* |
| 218 | * As (*func) operates on 32-bit counter, caller | 230 | * As (*func) operates on 32-bit counter, caller |
| 219 | * has to handle overflow. 'if' below detects the | 231 | * has to handle overflow. 'if' below detects the |
| @@ -223,29 +235,31 @@ void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, | |||
| 223 | ctr32 += (u32)blocks; | 235 | ctr32 += (u32)blocks; |
| 224 | if (ctr32 < blocks) { | 236 | if (ctr32 < blocks) { |
| 225 | blocks -= ctr32; | 237 | blocks -= ctr32; |
| 226 | ctr32 = 0; | 238 | ctr32 = 0; |
| 227 | } | 239 | } |
| 228 | (*func)(in,out,blocks,key,ivec); | 240 | (*func)(in, out, blocks, key, ivec); |
| 229 | /* (*ctr) does not update ivec, caller does: */ | 241 | /* (*ctr) does not update ivec, caller does: */ |
| 230 | PUTU32(ivec+12,ctr32); | 242 | PUTU32(ivec + 12, ctr32); |
| 231 | /* ... overflow was detected, propagate carry. */ | 243 | /* ... overflow was detected, propagate carry. */ |
| 232 | if (ctr32 == 0) ctr96_inc(ivec); | 244 | if (ctr32 == 0) |
| 245 | ctr96_inc(ivec); | ||
| 233 | blocks *= 16; | 246 | blocks *= 16; |
| 234 | len -= blocks; | 247 | len -= blocks; |
| 235 | out += blocks; | 248 | out += blocks; |
| 236 | in += blocks; | 249 | in += blocks; |
| 237 | } | 250 | } |
| 238 | if (len) { | 251 | if (len) { |
| 239 | memset(ecount_buf,0,16); | 252 | memset(ecount_buf, 0, 16); |
| 240 | (*func)(ecount_buf,ecount_buf,1,key,ivec); | 253 | (*func)(ecount_buf, ecount_buf, 1, key, ivec); |
| 241 | ++ctr32; | 254 | ++ctr32; |
| 242 | PUTU32(ivec+12,ctr32); | 255 | PUTU32(ivec + 12, ctr32); |
| 243 | if (ctr32 == 0) ctr96_inc(ivec); | 256 | if (ctr32 == 0) |
| 257 | ctr96_inc(ivec); | ||
| 244 | while (len--) { | 258 | while (len--) { |
| 245 | out[n] = in[n] ^ ecount_buf[n]; | 259 | out[n] = in[n] ^ ecount_buf[n]; |
| 246 | ++n; | 260 | ++n; |
| 247 | } | 261 | } |
| 248 | } | 262 | } |
| 249 | 263 | ||
| 250 | *num=n; | 264 | *num = n; |
| 251 | } | 265 | } |