From bba8249f4a4796cd207dae604858ef3838bb0384 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 30 Nov 2013 07:38:08 +0100 Subject: generic-gcm: convert to the new common method helpers --- src/methods/generic_gcm/generic_gcm.c | 49 +++++++++++++---------------------- 1 file changed, 18 insertions(+), 31 deletions(-) (limited to 'src') diff --git a/src/methods/generic_gcm/generic_gcm.c b/src/methods/generic_gcm/generic_gcm.c index fc665dd..0817a57 100644 --- a/src/methods/generic_gcm/generic_gcm.c +++ b/src/methods/generic_gcm/generic_gcm.c @@ -156,8 +156,7 @@ static inline void put_size(fastd_block128_t *out, size_t len) { } static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fastd_method_session_state_t *session, fastd_buffer_t *out, fastd_buffer_t in) { - fastd_buffer_pull_head(ctx, &in, sizeof(fastd_block128_t)); - memset(in.data, 0, sizeof(fastd_block128_t)); + fastd_buffer_pull_head_zero(ctx, &in, sizeof(fastd_block128_t)); size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len; *out = fastd_buffer_alloc(ctx, in.len, alignto(COMMON_HEADBYTES, 16), sizeof(fastd_block128_t)+tail_len); @@ -165,17 +164,14 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast if (tail_len) memset(in.data+in.len, 0, tail_len); - size_t iv_length = session->method->cipher_info->iv_length; - uint8_t nonce[iv_length]; - memset(nonce, 0, iv_length); - memcpy(nonce, session->common.send_nonce, COMMON_NONCEBYTES); - nonce[iv_length-1] = 1; + uint8_t nonce[session->method->cipher_info->iv_length]; + fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce)); int n_blocks = block_count(in.len, sizeof(fastd_block128_t)); fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - fastd_block128_t sig; + fastd_block128_t tag; bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); @@ -185,27 +181,21 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast put_size(&outblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(session->ghash_state, &sig, outblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &tag, outblocks+1, n_blocks); } if (!ok) { - /* restore original buffer */ - fastd_buffer_push_head(ctx, &in, sizeof(fastd_block128_t)); fastd_buffer_free(*out); return false; } - xor_a(&outblocks[0], sig); + xor_a(&outblocks[0], tag); fastd_buffer_free(in); - fastd_buffer_pull_head(ctx, out, COMMON_HEADBYTES); - - memcpy(out->data, session->common.send_nonce, COMMON_NONCEBYTES); + fastd_method_put_common_header(ctx, out, session->common.send_nonce, 0); fastd_method_increment_nonce(&session->common); - ((uint8_t*)out->data)[COMMON_NONCEBYTES] = 0; /* flags */ - return true; } @@ -216,20 +206,17 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho if (!method_session_is_valid(ctx, session)) return false; - if (((const uint8_t*)in.data)[COMMON_NONCEBYTES]) /* flags */ + uint8_t in_nonce[COMMON_NONCEBYTES]; + uint8_t flags; + int64_t age; + if (!fastd_method_handle_common_header(ctx, &session->common, &in, in_nonce, &flags, &age)) return false; - size_t iv_length = session->method->cipher_info->iv_length; - uint8_t nonce[iv_length]; - memset(nonce, 0, iv_length); - memcpy(nonce, in.data, COMMON_NONCEBYTES); - nonce[iv_length-1] = 1; - - int64_t age; - if (!fastd_method_is_nonce_valid(ctx, &session->common, nonce, &age)) + if (flags) return false; - fastd_buffer_push_head(ctx, &in, COMMON_HEADBYTES); + uint8_t nonce[session->method->cipher_info->iv_length]; + fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce)); size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len; *out = fastd_buffer_alloc(ctx, in.len, 0, tail_len); @@ -238,7 +225,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - fastd_block128_t sig; + fastd_block128_t tag; bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); @@ -248,10 +235,10 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(session->ghash_state, &sig, inblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &tag, inblocks+1, n_blocks); } - if (!ok || memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0) { + if (!ok || memcmp(&tag, &outblocks[0], sizeof(fastd_block128_t)) != 0) { fastd_buffer_free(*out); return false; } @@ -260,7 +247,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_buffer_push_head(ctx, out, sizeof(fastd_block128_t)); - if (!fastd_method_reorder_check(ctx, peer, &session->common, nonce, age)) { + if (!fastd_method_reorder_check(ctx, peer, &session->common, in_nonce, age)) { fastd_buffer_free(*out); *out = fastd_buffer_alloc(ctx, 0, 0, 0); } -- cgit v1.2.3