From eb891d772d6901c88c93375af0e882c77b07e647 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 30 Nov 2013 07:46:01 +0100 Subject: generic-gmac: convert to the new common method helpers --- src/methods/generic_gmac/generic_gmac.c | 50 ++++++++++++--------------------- 1 file changed, 18 insertions(+), 32 deletions(-) diff --git a/src/methods/generic_gmac/generic_gmac.c b/src/methods/generic_gmac/generic_gmac.c index e9224f6..825bf48 100644 --- a/src/methods/generic_gmac/generic_gmac.c +++ b/src/methods/generic_gmac/generic_gmac.c @@ -139,8 +139,7 @@ static inline void put_size(fastd_block128_t *out, size_t len) { } static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fastd_method_session_state_t *session, fastd_buffer_t *out, fastd_buffer_t in) { - fastd_buffer_pull_head(ctx, &in, sizeof(fastd_block128_t)); - memset(in.data, 0, sizeof(fastd_block128_t)); + fastd_buffer_pull_head_zero(ctx, &in, sizeof(fastd_block128_t)); size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len; *out = fastd_buffer_alloc(ctx, in.len, alignto(COMMON_HEADBYTES, 16), sizeof(fastd_block128_t)+tail_len); @@ -148,17 +147,14 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast if (tail_len) memset(in.data+in.len, 0, tail_len); - size_t iv_length = session->method->cipher_info->iv_length; - uint8_t nonce[iv_length]; - memset(nonce, 0, iv_length); - memcpy(nonce, session->common.send_nonce, COMMON_NONCEBYTES); - nonce[iv_length-1] = 1; + uint8_t nonce[session->method->cipher_info->iv_length]; + fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce)); int n_blocks = block_count(in.len, sizeof(fastd_block128_t)); fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - fastd_block128_t sig; + fastd_block128_t tag; bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); @@ -168,27 +164,21 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast put_size(&outblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(session->ghash_state, &sig, outblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &tag, outblocks+1, n_blocks); } if (!ok) { - /* restore original buffer */ - fastd_buffer_push_head(ctx, &in, sizeof(fastd_block128_t)); fastd_buffer_free(*out); return false; } - xor_a(&outblocks[0], sig); + xor_a(&outblocks[0], tag); fastd_buffer_free(in); - fastd_buffer_pull_head(ctx, out, COMMON_HEADBYTES); - - memcpy(out->data, session->common.send_nonce, COMMON_NONCEBYTES); + fastd_method_put_common_header(ctx, out, session->common.send_nonce, 0); fastd_method_increment_nonce(&session->common); - ((uint8_t*)out->data)[COMMON_NONCEBYTES] = 0; /* flags */ - return true; } @@ -199,21 +189,17 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho if (!method_session_is_valid(ctx, session)) return false; - if (((const uint8_t*)in.data)[COMMON_NONCEBYTES]) /* flags */ + uint8_t in_nonce[COMMON_NONCEBYTES]; + uint8_t flags; + int64_t age; + if (!fastd_method_handle_common_header(ctx, &session->common, &in, in_nonce, &flags, &age)) return false; - - size_t iv_length = session->method->cipher_info->iv_length; - uint8_t nonce[iv_length]; - memset(nonce, 0, iv_length); - memcpy(nonce, in.data, COMMON_NONCEBYTES); - nonce[iv_length-1] = 1; - - int64_t age; - if (!fastd_method_is_nonce_valid(ctx, &session->common, nonce, &age)) + if (flags) return false; - fastd_buffer_push_head(ctx, &in, COMMON_HEADBYTES); + uint8_t nonce[session->method->cipher_info->iv_length]; + fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce)); size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len; *out = fastd_buffer_alloc(ctx, in.len, 0, tail_len); @@ -222,7 +208,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - fastd_block128_t sig; + fastd_block128_t tag; bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); @@ -232,10 +218,10 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(session->ghash_state, &sig, inblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &tag, inblocks+1, n_blocks); } - if (!ok || memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0) { + if (!ok || memcmp(&tag, &outblocks[0], sizeof(fastd_block128_t)) != 0) { fastd_buffer_free(*out); return false; } @@ -244,7 +230,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_buffer_push_head(ctx, out, sizeof(fastd_block128_t)); - if (!fastd_method_reorder_check(ctx, peer, &session->common, nonce, age)) { + if (!fastd_method_reorder_check(ctx, peer, &session->common, in_nonce, age)) { fastd_buffer_free(*out); *out = fastd_buffer_alloc(ctx, 0, 0, 0); } -- cgit v1.2.3