AES GCM stream: arm asm fix when --enable-opensslextra
The aadLen field now lives in the gcm member of the Aes struct, so the GCM helpers address it as aes->gcm.aadLen.
@ -669,7 +669,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||||||
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
|
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
|
||||||
XMEMCPY(initalCounter, iv, ivSz);
|
XMEMCPY(initalCounter, iv, ivSz);
|
||||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||||
GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
|
GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
return ret;
|
return ret;
|
||||||
@ -822,7 +822,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||||||
XMEMCPY(initalCounter, iv, ivSz);
|
XMEMCPY(initalCounter, iv, ivSz);
|
||||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||||
tag = buf;
|
tag = buf;
|
||||||
GHASH(aes, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
|
GHASH(&aes->gcm, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
return ret;
|
return ret;
|
||||||
@ -874,7 +874,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||||||
|
|
||||||
/* check on tag */
|
/* check on tag */
|
||||||
if (authIn != NULL && authInSz > 0) {
|
if (authIn != NULL && authInSz > 0) {
|
||||||
GHASH(aes, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
|
GHASH(&aes->gcm, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
@ -4721,13 +4721,13 @@ static void AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz)
|
|||||||
else {
|
else {
|
||||||
/* Counter is GHASH of IV. */
|
/* Counter is GHASH of IV. */
|
||||||
#ifdef OPENSSL_EXTRA
|
#ifdef OPENSSL_EXTRA
|
||||||
word32 aadTemp = aes->aadLen;
|
word32 aadTemp = aes->gcm.aadLen;
|
||||||
aes->aadLen = 0;
|
aes->gcm.aadLen = 0;
|
||||||
#endif
|
#endif
|
||||||
GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
|
GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
|
||||||
GMULT(counter, aes->gcm.H);
|
GMULT(counter, aes->gcm.H);
|
||||||
#ifdef OPENSSL_EXTRA
|
#ifdef OPENSSL_EXTRA
|
||||||
aes->aadLen = aadTemp;
|
aes->gcm.aadLen = aadTemp;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
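Review bot: The save/zero/restore of `aes->gcm.aadLen` around the IV GHASH in this hunk is an implicit parameter with no explanation: a reader has to infer that GHASH folds gcm.aadLen into its length block (presumably, since it is the only reason to zero it here) and that J0 must be derived with no AAD counted. I would add, above the first `#ifdef OPENSSL_EXTRA`, the comment `/* GHASH counts AAD supplied in an earlier call via gcm.aadLen; the IV hash that derives J0 must not include it, so clear it for this call only. */`. It is also worth stating in that comment that the restore deliberately carries the previous call's aadLen into this operation, which the OPENSSL_EXTRA streaming path appears to rely on, so nobody "fixes" the restore later. The enclosing else-branch of AesGcmInit_C begins outside the hunk.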
@ -4816,7 +4816,7 @@ static void AesGcmFinal_C(Aes* aes, byte* authTag, word32 authTagSz)
|
|||||||
xorbuf(authTag, AES_INITCTR(aes), authTagSz);
|
xorbuf(authTag, AES_INITCTR(aes), authTagSz);
|
||||||
#ifdef OPENSSL_EXTRA
|
#ifdef OPENSSL_EXTRA
|
||||||
/* store AAD size for next call */
|
/* store AAD size for next call */
|
||||||
aes->aadLen = aes->aSz;
|
aes->gcm.aadLen = aes->aSz;
|
||||||
#endif
|
#endif
|
||||||
/* Zeroize last block to protect sensitive data. */
|
/* Zeroize last block to protect sensitive data. */
|
||||||
ForceZero(AES_LASTBLOCK(aes), AES_BLOCK_SIZE);
|
ForceZero(AES_LASTBLOCK(aes), AES_BLOCK_SIZE);
|
||||||
|
@ -221,7 +221,7 @@ static WC_INLINE int handle_aad( Aes* aes,
|
|||||||
byte initalCounter[AES_BLOCK_SIZE] = { 0 };
|
byte initalCounter[AES_BLOCK_SIZE] = { 0 };
|
||||||
XMEMCPY(initalCounter, iv, AEAD_NONCE_SZ);
|
XMEMCPY(initalCounter, iv, AEAD_NONCE_SZ);
|
||||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||||
GHASH(aes, authIn, authInSz, data, sz, authTag, AES_GCM_AUTH_SZ);
|
GHASH(&aes->gcm, authIn, authInSz, data, sz, authTag, AES_GCM_AUTH_SZ);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
xorbuf(authTag, scratch, AES_GCM_AUTH_SZ);
|
xorbuf(authTag, scratch, AES_GCM_AUTH_SZ);
|
||||||
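Review bot: If `wc_AesEncryptDirect` fails in this hunk, `authTag` is left holding the raw GHASH output, because the masking `xorbuf` runs only under `if (ret == 0)`; an unmasked GHASH over known AAD and ciphertext is a polynomial in the hash subkey H with known coefficients, so letting it escape into the caller's buffer, even on an error path, is a forgery risk if the caller ignores the return value. I would add `else ForceZero(authTag, AES_GCM_AUTH_SZ);` after the xorbuf, using the same helper this commit already relies on for the last block in AesGcmFinal_C. The wc_AesGcmEncrypt hunks in this change have the same shape, `return ret` immediately after GHASH has written into authTag, and would benefit from the same clearing. handle_aad continues outside the hunk, so whether its caller wipes the tag on failure cannot be confirmed here.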
@ -558,7 +558,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
|
|||||||
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
|
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
|
||||||
XMEMCPY(initalCounter, iv, ivSz);
|
XMEMCPY(initalCounter, iv, ivSz);
|
||||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||||
GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
|
GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
return ret;
|
return ret;
|
||||||
@ -597,7 +597,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
|||||||
XMEMCPY(initalCounter, iv, ivSz);
|
XMEMCPY(initalCounter, iv, ivSz);
|
||||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||||
tag = buf;
|
tag = buf;
|
||||||
GHASH(aes, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
|
GHASH(&aes->gcm, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
return ret;
|
return ret;
|
||||||
@ -614,7 +614,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
|||||||
|
|
||||||
/* account for additional data */
|
/* account for additional data */
|
||||||
if (authIn != NULL && authInSz > 0) {
|
if (authIn != NULL && authInSz > 0) {
|
||||||
GHASH(aes, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
|
GHASH(&aes->gcm, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
|
||||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
return ret;
|
return ret;
|
||||||
|