From 985d3891f9e001bf43bbe8c91049c2130827979d Mon Sep 17 00:00:00 2001
From: Frank Denis
Date: Sat, 14 Nov 2015 01:04:28 +0100
Subject: [PATCH] Use poly1305_state_internal_t for the state of poly1305 internal functions
---
 .../poly1305/donna/auth_poly1305_donna.c | 24 +++++++++++--------
 .../poly1305/donna/poly1305_donna32.h | 7 ++----
 .../poly1305/donna/poly1305_donna64.h | 6 ++---
 3 files changed, 18 insertions(+), 19 deletions(-)
diff --git a/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c b/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c
index 26ad57cb..0c470af6 100644
--- a/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c
+++ b/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c
@@ -10,15 +10,15 @@
 #include "../onetimeauth_poly1305.h"
 static void
-poly1305_update(crypto_onetimeauth_poly1305_state *state, const unsigned char *m,
+poly1305_update(poly1305_state_internal_t *st, const unsigned char *m,
 unsigned long long bytes)
 {
- poly1305_state_internal_t *st = (poly1305_state_internal_t *)(void *)state;
 unsigned long long i;
 /* handle leftover */
 if (st->leftover) {
 unsigned long long want = (poly1305_block_size - st->leftover);
+
 if (want > bytes)
 want = bytes;
 for (i = 0; i < want; i++)
@@ -35,6 +35,7 @@ poly1305_update(crypto_onetimeauth_poly1305_state *state, const unsigned char *m
 /* process full blocks */
 if (bytes >= poly1305_block_size) {
 unsigned long long want = (bytes & ~(poly1305_block_size - 1));
+
 poly1305_blocks(st, m, want);
 m += want;
 bytes -= want;
@@ -42,8 +43,9 @@ poly1305_update(crypto_onetimeauth_poly1305_state *state, const unsigned char *m
 /* store leftover */
 if (bytes) {
- for (i = 0; i < bytes; i++)
+ for (i = 0; i < bytes; i++) {
 st->buffer[st->leftover + i] = m[i];
+ }
 st->leftover += bytes;
 }
 }
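Review bot: The braces this commit adds to the leftover-store loop (`@@ -42,8 +43,9 @@`) are not applied to the other copy loop in the same function, `for (i = 0; i < want; i++)` at the end of the first hunk, nor to the `if (want > bytes)` just above it. To keep the function consistent, and so that a later edit cannot silently fall outside the loop body, the first could become `for (i = 0; i < want; i++) {` with a matching `}`. That loop's body lies outside the hunk, so the change would extend past the lines shown here.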
@@ -53,10 +55,11 @@ crypto_onetimeauth_poly1305_donna(unsigned char *out, const unsigned char *m,
 unsigned long long inlen,
 const unsigned char *key)
 {
- crypto_onetimeauth_poly1305_state state;
- poly1305_init(&state, key);
- poly1305_update(&state, m, inlen);
- poly1305_finish(&state, out);
+ CRYPTO_ALIGN(64) crypto_onetimeauth_poly1305_state state;
+
+ poly1305_init((poly1305_state_internal_t *)(void *) &state, key);
+ poly1305_update((poly1305_state_internal_t *)(void *) &state, m, inlen);
+ poly1305_finish((poly1305_state_internal_t *)(void *) &state, out);
 return 0;
 }
@@ -67,7 +70,7 @@ crypto_onetimeauth_poly1305_donna_init(crypto_onetimeauth_poly1305_state *state,
 {
 (void) sizeof(int[sizeof (crypto_onetimeauth_poly1305_state) >= sizeof (poly1305_state_internal_t) ? 1 : -1]);
- poly1305_init((crypto_onetimeauth_poly1305_state *) state, key);
+ poly1305_init((poly1305_state_internal_t *)(void *) state, key);
 return 0;
 }
@@ -77,7 +80,7 @@ crypto_onetimeauth_poly1305_donna_update(crypto_onetimeauth_poly1305_state *stat
 const unsigned char *in,
 unsigned long long inlen)
 {
- poly1305_update((crypto_onetimeauth_poly1305_state *) state, in, inlen);
+ poly1305_update((poly1305_state_internal_t *)(void *) state, in, inlen);
 return 0;
 }
@@ -86,7 +89,7 @@ static int
 crypto_onetimeauth_poly1305_donna_final(crypto_onetimeauth_poly1305_state *state,
 unsigned char *out)
 {
- poly1305_finish((crypto_onetimeauth_poly1305_state *) state, out);
+ poly1305_finish((poly1305_state_internal_t *)(void *) state, out);
 return 0;
 }
@@ -100,6 +103,7 @@ crypto_onetimeauth_poly1305_donna_verify(const unsigned char *h,
 unsigned char correct[16];
 crypto_onetimeauth_poly1305_donna(correct,in,inlen,k);
+
 return crypto_verify_16(h,correct);
 }
diff --git a/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna32.h b/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna32.h
index a2f7c9c6..542c7c79 100644
--- a/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna32.h
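Review bot: In `crypto_onetimeauth_poly1305_donna` the local is still declared with the public opaque type and then cast through `(void *)` at each of the three calls, which hides any alignment or aliasing diagnostic the compiler could give. This object never leaves the function, so it could be declared with the internal type directly, `CRYPTO_ALIGN(64) poly1305_state_internal_t state;`, and the three calls could pass `&state` with no cast. The state holds key-derived values (`poly1305_init` fills `st->r[]` from `key`); whether `poly1305_finish` wipes it before this stack frame is released is not visible in this diff and is worth confirming.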
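Review bot: The compile-time assertion kept above the `poly1305_init` call in `crypto_onetimeauth_poly1305_donna_init` compares only the `sizeof` of the two types, so nothing here establishes that a caller-supplied `state` meets the alignment of `poly1305_state_internal_t`. The `(void *)` step in the new cast also keeps the compiler from warning about it. The same cast is added in the `_update` and `_final` hunks. The declared alignment of `crypto_onetimeauth_poly1305_state` is not visible in this diff, so at minimum a comment beside the assertion would help, for example `/* size is checked here; callers must supply a state aligned for poly1305_state_internal_t */`.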
+++ b/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna32.h
@@ -44,10 +44,8 @@ U32TO8(unsigned char *p, unsigned long v)
 }
 static void
-poly1305_init(crypto_onetimeauth_poly1305_state *state, const unsigned char key[32])
+poly1305_init(poly1305_state_internal_t *st, const unsigned char key[32])
 {
- poly1305_state_internal_t *st = (poly1305_state_internal_t *)(void *)state;
-
 /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */
 st->r[0] = (U8TO32(&key[ 0]) ) & 0x3ffffff;
 st->r[1] = (U8TO32(&key[ 3]) >> 2) & 0x3ffff03;
@@ -135,9 +133,8 @@ poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m, unsigned
 }
 static POLY1305_NOINLINE void
-poly1305_finish(crypto_onetimeauth_poly1305_state *state, unsigned char mac[16])
+poly1305_finish(poly1305_state_internal_t *st, unsigned char mac[16])
 {
- poly1305_state_internal_t *st = (poly1305_state_internal_t *)(void *)state;
 unsigned long h0,h1,h2,h3,h4,c;
 unsigned long g0,g1,g2,g3,g4;
 unsigned long long f;
diff --git a/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h b/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h
index 6489e91c..737e27c1 100644
--- a/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h
+++ b/src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h
@@ -58,9 +58,8 @@ U64TO8(unsigned char *p, unsigned long long v)
 }
 static void
-poly1305_init(crypto_onetimeauth_poly1305_state *state, const unsigned char key[32])
+poly1305_init(poly1305_state_internal_t *st, const unsigned char key[32])
 {
- poly1305_state_internal_t *st = (poly1305_state_internal_t *)(void *)state;
 unsigned long long t0,t1;
 /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */
@@ -139,9 +138,8 @@ poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m, unsigned
 static POLY1305_NOINLINE void
-poly1305_finish(crypto_onetimeauth_poly1305_state *state, unsigned char mac[16])
+poly1305_finish(poly1305_state_internal_t *st, unsigned char mac[16])
 {
- poly1305_state_internal_t *st = (poly1305_state_internal_t *)(void *)state;
 unsigned long long h0,h1,h2,c;
 unsigned long long g0,g1,g2;
 unsigned long long t0,t1;