Commit fc3d6f4f authored by Geoff Simmons

Nonce XORing with wider integer types.

parent d51371e8
...@@ -54,7 +54,8 @@ struct ece_crypto { ...@@ -54,7 +54,8 @@ struct ece_crypto {
unsigned magic; unsigned magic;
#define ECE_CRYPTO_MAGIC 0xe7f66e91 #define ECE_CRYPTO_MAGIC 0xe7f66e91
unsigned char cek[AES128_KEYLEN]; unsigned char cek[AES128_KEYLEN];
unsigned char prenonce[NONCE_LEN]; uint64_t prenonce_lo;
uint32_t prenonce_hi;
}; };
struct ece { struct ece {
...@@ -104,7 +105,7 @@ decrypt_init(struct ece *ece, struct vfp_ctx *ctx) ...@@ -104,7 +105,7 @@ decrypt_init(struct ece *ece, struct vfp_ctx *ctx)
{ {
size_t len; size_t len;
uint8_t idlen, *key, hdr[HDR_PREFIX_LEN], id[ID_LEN], prk[SHA256_LEN], uint8_t idlen, *key, hdr[HDR_PREFIX_LEN], id[ID_LEN], prk[SHA256_LEN],
cek[SHA256_LEN]; cek[SHA256_LEN], prenonce[NONCE_LEN];
char errmsg[ERRMSG_LEN]; char errmsg[ERRMSG_LEN];
enum vfp_status vp; enum vfp_status vp;
...@@ -159,9 +160,12 @@ decrypt_init(struct ece *ece, struct vfp_ctx *ctx) ...@@ -159,9 +160,12 @@ decrypt_init(struct ece *ece, struct vfp_ctx *ctx)
if (vp == VFP_ERROR) if (vp == VFP_ERROR)
return (vp); return (vp);
if (derive_cek(prk, cek, errmsg) != 0 if (derive_cek(prk, cek, errmsg) != 0
|| derive_prenonce(prk, ece->crypto->prenonce, errmsg) != 0) || derive_prenonce(prk, prenonce, errmsg) != 0)
return (VERR_DEC(ctx, "%s", errmsg)); return (VERR_DEC(ctx, "%s", errmsg));
ece->crypto->prenonce_hi = vbe32dec(prenonce);
ece->crypto->prenonce_lo = vbe64dec(prenonce + 4);
memcpy(ece->crypto->cek, cek, AES128_KEYLEN); memcpy(ece->crypto->cek, cek, AES128_KEYLEN);
return (VFP_OK); return (VFP_OK);
} }
...@@ -183,36 +187,19 @@ seq_inc(struct ece *ece) ...@@ -183,36 +187,19 @@ seq_inc(struct ece *ece)
static inline void static inline void
nonce_xor_seq(struct ece *ece, uint8_t *nonce) nonce_xor_seq(struct ece *ece, uint8_t *nonce)
{ {
uint8_t seq[NONCE_LEN]; uint32_t nonce_hi;
uint64_t nonce_lo;
CHECK_OBJ_NOTNULL(ece, ECE_MAGIC);
CHECK_OBJ_NOTNULL(ece->crypto, ECE_CRYPTO_MAGIC);
vbe32enc(seq, ece->seq_hi);
vbe64enc(seq + 4, ece->seq_lo);
for (int i = 0; i < NONCE_LEN; i++)
nonce[i] = ece->crypto->prenonce[i] ^ seq[i];
}
#if 0
static inline void
nonce_xor_seq(struct ece *ece, uint8_t *nonce)
{
uint32_t *nonce_hi, *prenonce_hi;
uint64_t *nonce_lo, *prenonce_lo;
CHECK_OBJ_NOTNULL(ece, ECE_MAGIC); CHECK_OBJ_NOTNULL(ece, ECE_MAGIC);
CHECK_OBJ_NOTNULL(ece->crypto, ECE_CRYPTO_MAGIC); CHECK_OBJ_NOTNULL(ece->crypto, ECE_CRYPTO_MAGIC);
AN(nonce);
nonce_hi = (uint32_t *)nonce; nonce_hi = ece->crypto->prenonce_hi ^ ece->seq_hi;
prenonce_hi = (uint32_t *)ece->crypto->prenonce; nonce_lo = ece->crypto->prenonce_lo ^ ece->seq_lo;
nonce_lo = (uint64_t *)(nonce + 4);
prenonce_lo = (uint64_t *)(ece->crypto->prenonce + 4);
*nonce_hi = *prenonce_hi ^ ece->seq_hi; vbe32enc(nonce, nonce_hi);
*nonce_lo = *prenonce_lo ^ ece->seq_lo; vbe64enc(nonce + 4, nonce_lo);
} }
#endif
static enum vfp_status static enum vfp_status
decrypt(struct ece *ece, struct vfp_ctx *ctx, unsigned char *plaintext, decrypt(struct ece *ece, struct vfp_ctx *ctx, unsigned char *plaintext,
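Review bot: The 4-byte/8-byte split of the nonce is hard-coded in both `decrypt_init` (`vbe32dec(prenonce)` / `vbe64dec(prenonce + 4)`) and `nonce_xor_seq` (`vbe32enc(nonce, nonce_hi)` / `vbe64enc(nonce + 4, nonce_lo)`), but nothing ties it to NONCE_LEN, so if that constant ever differed from 12 the decode would read past `prenonce` and the encode would leave the tail of `nonce` unwritten. A compile-time check next to the new struct fields would pin the assumption, e.g. `_Static_assert(NONCE_LEN == 12, "prenonce_hi/prenonce_lo must cover exactly NONCE_LEN bytes");` (or the project's own static-assert macro if C11 is not assumed). `nonce_xor_seq` would also benefit from a comment stating why the halves may be XORed separately: `/* Both halves are big-endian, so XORing hi/lo separately equals the byte-wise XOR of the prenonce with the 96-bit big-endian sequence number. */`. Note that `decrypt_init` begins outside its hunks, so the surrounding handling of `prenonce` was not reviewed here.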