kevin/libsodium
1
Fork 0
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-19 18:15:18 -07:00
Code Releases Wiki Activity

AEGIS: add a specialized function to absorb the AD

Browse Source
This commit is contained in:
Frank Denis 2022-11-20 18:16:13 +01:00
parent 43d5a33931
commit ece8e60524
4 changed files with 54 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/libsodium/crypto_aead/aegis128l/aesni/aead_aegis128l_aesni.c
View File

@ -110,6 +110,16 @@ crypto_aead_aegis128l_mac(unsigned char *mac, unsigned long long adlen, unsigned
AES_BLOCK_STORE((aes_block_t *) (void *) mac, tmp); AES_BLOCK_STORE((aes_block_t *) (void *) mac, tmp);
} }
static inline void
crypto_aead_aegis128l_absorb(const unsigned char *const src, aes_block_t *const state)
{
aes_block_t msg0, msg1;
msg0 = AES_BLOCK_LOAD(src);
msg1 = AES_BLOCK_LOAD(src + 16);
crypto_aead_aegis128l_update(state, msg0, msg1);
}
static void static void
crypto_aead_aegis128l_enc(unsigned char *const dst, const unsigned char *const src, crypto_aead_aegis128l_enc(unsigned char *const dst, const unsigned char *const src,
aes_block_t *const state) aes_block_t *const state)
@ -167,12 +177,12 @@ crypto_aead_aegis128l_encrypt_detached(unsigned char *c, unsigned char *mac,
crypto_aead_aegis128l_init(k, npub, state); crypto_aead_aegis128l_init(k, npub, state);
for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) {
crypto_aead_aegis128l_enc(dst, ad + i, state); crypto_aead_aegis128l_absorb(ad + i, state);
} }
if (adlen & 0x1f) { if (adlen & 0x1f) {
memset(src, 0, 32); memset(src, 0, 32);
memcpy(src, ad + i, adlen & 0x1f); memcpy(src, ad + i, adlen & 0x1f);
crypto_aead_aegis128l_enc(dst, src, state); crypto_aead_aegis128l_absorb(src, state);
} }
for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) {
crypto_aead_aegis128l_enc(c + i, m + i, state); crypto_aead_aegis128l_enc(c + i, m + i, state);
@ -238,12 +248,12 @@ crypto_aead_aegis128l_decrypt_detached(unsigned char *m, unsigned char *nsec,
crypto_aead_aegis128l_init(k, npub, state); crypto_aead_aegis128l_init(k, npub, state);
for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) {
crypto_aead_aegis128l_enc(dst, ad + i, state); crypto_aead_aegis128l_absorb(ad + i, state);
} }
if (adlen & 0x1f) { if (adlen & 0x1f) {
memset(src, 0, 32); memset(src, 0, 32);
memcpy(src, ad + i, adlen & 0x1f); memcpy(src, ad + i, adlen & 0x1f);
crypto_aead_aegis128l_enc(dst, src, state); crypto_aead_aegis128l_absorb(src, state);
} }
if (m != NULL) { if (m != NULL) {
for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) {

18
src/libsodium/crypto_aead/aegis128l/armcrypto/aead_aegis128l_armcrypto.c
View File

@ -99,6 +99,16 @@ crypto_aead_aegis128l_mac(unsigned char *mac, unsigned long long adlen, unsigned
AES_BLOCK_STORE(mac, tmp); AES_BLOCK_STORE(mac, tmp);
} }
static inline void
crypto_aead_aegis128l_absorb(const unsigned char *const src, aes_block_t *const state)
{
aes_block_t msg0, msg1;
msg0 = AES_BLOCK_LOAD(src);
msg1 = AES_BLOCK_LOAD(src + 16);
crypto_aead_aegis128l_update(state, msg0, msg1);
}
static void static void
crypto_aead_aegis128l_enc(unsigned char *const dst, crypto_aead_aegis128l_enc(unsigned char *const dst,
const unsigned char *const src, const unsigned char *const src,
@ -158,12 +168,12 @@ crypto_aead_aegis128l_encrypt_detached(unsigned char *c, unsigned char *mac,
crypto_aead_aegis128l_init(k, npub, state); crypto_aead_aegis128l_init(k, npub, state);
for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) {
crypto_aead_aegis128l_enc(dst, ad + i, state); crypto_aead_aegis128l_absorb(ad + i, state);
} }
if (adlen & 0x1f) { if (adlen & 0x1f) {
memset(src, 0, 32); memset(src, 0, 32);
memcpy(src, ad + i, adlen & 0x1f); memcpy(src, ad + i, adlen & 0x1f);
crypto_aead_aegis128l_enc(dst, src, state); crypto_aead_aegis128l_absorb(src, state);
} }
for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) {
crypto_aead_aegis128l_enc(c + i, m + i, state); crypto_aead_aegis128l_enc(c + i, m + i, state);
@ -229,12 +239,12 @@ crypto_aead_aegis128l_decrypt_detached(unsigned char *m, unsigned char *nsec,
crypto_aead_aegis128l_init(k, npub, state); crypto_aead_aegis128l_init(k, npub, state);
for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= adlen; i += 32ULL) {
crypto_aead_aegis128l_enc(dst, ad + i, state); crypto_aead_aegis128l_absorb(ad + i, state);
} }
if (adlen & 0x1f) { if (adlen & 0x1f) {
memset(src, 0, 32); memset(src, 0, 32);
memcpy(src, ad + i, adlen & 0x1f); memcpy(src, ad + i, adlen & 0x1f);
crypto_aead_aegis128l_enc(dst, src, state); crypto_aead_aegis128l_absorb(src, state);
} }
if (m != NULL) { if (m != NULL) {
for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) { for (i = 0ULL; i + 32ULL <= mlen; i += 32ULL) {

17
src/libsodium/crypto_aead/aegis256/aesni/aead_aegis256_aesni.c
View File

@ -108,6 +108,15 @@ crypto_aead_aegis256_mac(unsigned char *mac, unsigned long long adlen, unsigned
AES_BLOCK_STORE((aes_block_t *) (void *) mac, tmp); AES_BLOCK_STORE((aes_block_t *) (void *) mac, tmp);
} }
static inline void
crypto_aead_aegis256_absorb(const unsigned char *const src, aes_block_t *const state)
{
aes_block_t msg;
msg = AES_BLOCK_LOAD(src);
crypto_aead_aegis256_update(state, msg);
}
static void static void
crypto_aead_aegis256_enc(unsigned char *const dst, const unsigned char *const src, crypto_aead_aegis256_enc(unsigned char *const dst, const unsigned char *const src,
aes_block_t *const state) aes_block_t *const state)
@ -157,12 +166,12 @@ crypto_aead_aegis256_encrypt_detached(unsigned char *c, unsigned char *mac,
crypto_aead_aegis256_init(k, npub, state); crypto_aead_aegis256_init(k, npub, state);
for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) {
crypto_aead_aegis256_enc(dst, ad + i, state); crypto_aead_aegis256_absorb(ad + i, state);
} }
if (adlen & 0xf) { if (adlen & 0xf) {
memset(src, 0, 16); memset(src, 0, 16);
memcpy(src, ad + i, adlen & 0xf); memcpy(src, ad + i, adlen & 0xf);
crypto_aead_aegis256_enc(dst, src, state); crypto_aead_aegis256_absorb(src, state);
} }
for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) {
crypto_aead_aegis256_enc(c + i, m + i, state); crypto_aead_aegis256_enc(c + i, m + i, state);
@ -227,12 +236,12 @@ crypto_aead_aegis256_decrypt_detached(unsigned char *m, unsigned char *nsec, con
crypto_aead_aegis256_init(k, npub, state); crypto_aead_aegis256_init(k, npub, state);
for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) {
crypto_aead_aegis256_enc(dst, ad + i, state); crypto_aead_aegis256_absorb(ad + i, state);
} }
if (adlen & 0xf) { if (adlen & 0xf) {
memset(src, 0, 16); memset(src, 0, 16);
memcpy(src, ad + i, adlen & 0xf); memcpy(src, ad + i, adlen & 0xf);
crypto_aead_aegis256_enc(dst, src, state); crypto_aead_aegis256_absorb(src, state);
} }
if (m != NULL) { if (m != NULL) {
for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) {

17
src/libsodium/crypto_aead/aegis256/armcrypto/aead_aegis256_armcrypto.c
View File

@ -99,6 +99,15 @@ crypto_aead_aegis256_mac(unsigned char *mac, unsigned long long adlen, unsigned
AES_BLOCK_STORE(mac, tmp); AES_BLOCK_STORE(mac, tmp);
} }
static inline void
crypto_aead_aegis256_absorb(const unsigned char *const src, aes_block_t *const state)
{
aes_block_t msg;
msg = AES_BLOCK_LOAD(src);
crypto_aead_aegis256_update(state, msg);
}
static void static void
crypto_aead_aegis256_enc(unsigned char *const dst, crypto_aead_aegis256_enc(unsigned char *const dst,
const unsigned char *const src, const unsigned char *const src,
@ -150,12 +159,12 @@ crypto_aead_aegis256_encrypt_detached(unsigned char *c, unsigned char *mac,
crypto_aead_aegis256_init(k, npub, state); crypto_aead_aegis256_init(k, npub, state);
for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) {
crypto_aead_aegis256_enc(dst, ad + i, state); crypto_aead_aegis256_absorb(ad + i, state);
} }
if (adlen & 0xf) { if (adlen & 0xf) {
memset(src, 0, 16); memset(src, 0, 16);
memcpy(src, ad + i, adlen & 0xf); memcpy(src, ad + i, adlen & 0xf);
crypto_aead_aegis256_enc(dst, src, state); crypto_aead_aegis256_absorb(src, state);
} }
for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) {
crypto_aead_aegis256_enc(c + i, m + i, state); crypto_aead_aegis256_enc(c + i, m + i, state);
@ -220,12 +229,12 @@ crypto_aead_aegis256_decrypt_detached(unsigned char *m, unsigned char *nsec, con
crypto_aead_aegis256_init(k, npub, state); crypto_aead_aegis256_init(k, npub, state);
for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= adlen; i += 16ULL) {
crypto_aead_aegis256_enc(dst, ad + i, state); crypto_aead_aegis256_absorb(ad + i, state);
} }
if (adlen & 0xf) { if (adlen & 0xf) {
memset(src, 0, 16); memset(src, 0, 16);
memcpy(src, ad + i, adlen & 0xf); memcpy(src, ad + i, adlen & 0xf);
crypto_aead_aegis256_enc(dst, src, state); crypto_aead_aegis256_absorb(src, state);
} }
if (m != NULL) { if (m != NULL) {
for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) { for (i = 0ULL; i + 16ULL <= mlen; i += 16ULL) {