Save 14 bytes in CTR-DRBG

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Dave Rodgman 2024-01-13 16:43:18 +00:00
parent 591ff05384
commit 174eeff235


@ -369,9 +369,7 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx,
p += MBEDTLS_CTR_DRBG_BLOCKSIZE; p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
} }
for (i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++) { mbedtls_xor(tmp, tmp, data, MBEDTLS_CTR_DRBG_SEEDLEN);
tmp[i] ^= data[i];
}
/* /*
* Update key and counter * Update key and counter
@ -614,10 +612,11 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng,
{ {
int ret = 0; int ret = 0;
mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = output; unsigned char *p = output;
struct {
unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE]; unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE];
int i; } locals;
size_t use_len; size_t use_len;
if (output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST) { if (output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST) {
@ -628,7 +627,7 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng,
return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
} }
memset(add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN); memset(locals.add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN);
if (ctx->reseed_counter > ctx->reseed_interval || if (ctx->reseed_counter > ctx->reseed_interval ||
ctx->prediction_resistance) { ctx->prediction_resistance) {
@ -639,10 +638,10 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng,
} }
if (add_len > 0) { if (add_len > 0) {
if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) { if ((ret = block_cipher_df(locals.add_input, additional, add_len)) != 0) {
goto exit; goto exit;
} }
if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { if ((ret = ctr_drbg_update_internal(ctx, locals.add_input)) != 0) {
goto exit; goto exit;
} }
} }
@ -658,7 +657,7 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng,
*/ */
#if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_AES_C)
if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
ctx->counter, tmp)) != 0) { ctx->counter, locals.tmp)) != 0) {
goto exit; goto exit;
} }
#else #else
@ -678,20 +677,19 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng,
/* /*
* Copy random block to destination * Copy random block to destination
*/ */
memcpy(p, tmp, use_len); memcpy(p, locals.tmp, use_len);
p += use_len; p += use_len;
output_len -= use_len; output_len -= use_len;
} }
if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { if ((ret = ctr_drbg_update_internal(ctx, locals.add_input)) != 0) {
goto exit; goto exit;
} }
ctx->reseed_counter++; ctx->reseed_counter++;
exit: exit:
mbedtls_platform_zeroize(add_input, sizeof(add_input)); mbedtls_platform_zeroize(&locals, sizeof(locals));
mbedtls_platform_zeroize(tmp, sizeof(tmp));
return ret; return ret;
} }
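Review bot: The new `struct { ... } locals;` carries no comment saying why two unrelated buffers were folded into one aggregate, and a later maintainer is likely to "clean it up" back into separate locals and lose the single-zeroize property the commit relies on; I would add above the declaration `/* Grouped into one struct so a single mbedtls_platform_zeroize() at exit wipes both buffers (add_input and the random block in tmp), saving code size. */`. Separately, only the `#if defined(MBEDTLS_AES_C)` branch is shown switching from `tmp` to `locals.tmp`; the `#else` branch after the `#else` line lies outside the hunk, so if it still writes into a bare `tmp` the non-AES build would no longer compile — worth confirming it was updated in the same commit. The early `return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG` path bypasses the `exit:` zeroize, which is fine here because it runs before anything is written into `locals`, but a one-line comment at the return noting that nothing sensitive is live yet would keep it that way. The body of `mbedtls_ctr_drbg_random_with_add` starts before the first hunk, and `ctr_drbg_update_internal` in the first hunk is shown only partially.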