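diff --git a/nss/lib/freebl/ctr.c b/nss/lib/freebl/ctr.c
index 3a2f1a6..4d26daa 100644
--- a/nss/lib/freebl/ctr.c
+++ b/nss/lib/freebl/ctr.c
@@ -12,6 +12,11 @@
 #include "pkcs11t.h"
 #include "secerr.h"
 
+#ifdef USE_HW_AES
+#include "intel-aes.h"
+#include "rijndael.h"
+#endif
+
 SECStatus
 CTR_InitContext(CTRContext *ctr, void *context, freeblCipherFunc cipher,
 const unsigned char *param, unsigned int blocksize)
@@ -165,3 +170,60 @@ CTR_Update(CTRContext *ctr, unsigned char *outbuf,
 *outlen += inlen;
 return SECSuccess;
 }
+
+#if defined(USE_HW_AES) && defined(_MSC_VER)
+SECStatus
+CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
+unsigned int *outlen, unsigned int maxout,
+const unsigned char *inbuf, unsigned int inlen,
+unsigned int blocksize)
+{
+unsigned int fullblocks;
+unsigned int tmp;
+SECStatus rv;
+
+if (maxout < inlen) {
+*outlen = inlen;
+PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+return SECFailure;
+}
+*outlen = 0;
+if (ctr->bufPtr != blocksize) {
+unsigned int needed = PR_MIN(blocksize-ctr->bufPtr, inlen);
+ctr_xor(outbuf, inbuf, ctr->buffer+ctr->bufPtr, needed);
+ctr->bufPtr += needed;
+outbuf += needed;
+inbuf += needed;
+*outlen += needed;
+inlen -= needed;
+if (inlen == 0) {
+return SECSuccess;
+}
+PORT_Assert(ctr->bufPtr == blocksize);
+}
+
+intel_aes_ctr_worker(((AESContext*)(ctr->context))->Nr)(
+ctr, outbuf, outlen, maxout, inbuf, inlen, blocksize);
+/* XXX intel_aes_ctr_worker should set *outlen. */
+PORT_Assert(*outlen == 0);
+fullblocks = (inlen/blocksize)*blocksize;
+*outlen += fullblocks;
+outbuf += fullblocks;
+inbuf += fullblocks;
+inlen -= fullblocks;
+
+if (inlen == 0) {
+return SECSuccess;
+}
+rv = (*ctr->cipher)(ctr->context, ctr->buffer, &tmp, blocksize,
+ctr->counter, blocksize, blocksize);
+ctr_GetNextCtr(ctr->counter, ctr->counterBits, blocksize);
+if (rv != SECSuccess) {
+return SECFailure;
+}
+ctr_xor(outbuf, inbuf, ctr->buffer, inlen);
+ctr->bufPtr = inlen;
+*outlen += inlen;
+return SECSuccess;
+}
+#endif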
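Review bot: After the partial-block prefix is consumed in CTR_Update_HW_AES, `maxout` is never reduced, so the bound handed to `intel_aes_ctr_worker(...)` is stale by `needed` bytes while `outbuf` has already been advanced; add `maxout -= needed;` beside `inlen -= needed;`. The early `maxout < inlen` check keeps this from overrunning as long as the worker writes at most `inlen` bytes, but the worker is given a bound it cannot rely on. The `XXX` comment together with `PORT_Assert(*outlen == 0)` leaves the worker's contract for `*outlen` undecided — a worker that does set it would make release builds double-count through `*outlen += fullblocks` — so the contract should be settled and stated, e.g. `/* the worker must leave *outlen untouched; byte counts are accumulated here */`. Whether the worker advances `ctr->counter` the way `ctr_GetNextCtr` does with `ctr->counterBits` is not visible here, and that is what keeps the software-encrypted tail block in sync; worth confirming. The definition is guarded by `defined(USE_HW_AES) && defined(_MSC_VER)` while the declaration in ctr.h below is guarded by `#ifdef USE_HW_AES` alone.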
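diff --git a/nss/lib/freebl/ctr.h b/nss/lib/freebl/ctr.h
index 69ef150..e7645a2 100644
--- a/nss/lib/freebl/ctr.h
+++ b/nss/lib/freebl/ctr.h
@@ -41,4 +41,11 @@ SECStatus CTR_Update(CTRContext *ctr, unsigned char *outbuf,
 const unsigned char *inbuf, unsigned int inlen,
 unsigned int blocksize);
 
+#ifdef USE_HW_AES
+SECStatus CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
+unsigned int *outlen, unsigned int maxout,
+const unsigned char *inbuf, unsigned int inlen,
+unsigned int blocksize);
+#endif
+
 #endif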
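diff --git a/nss/lib/freebl/intel-aes.h b/nss/lib/freebl/intel-aes.h
index 1e18007..3b71e5f 100644
--- a/nss/lib/freebl/intel-aes.h
+++ b/nss/lib/freebl/intel-aes.h
@@ -33,6 +33,12 @@ SECStatus intel_aes_decrypt_cbc_128(AESContext *cx, unsigned char *output,
 const unsigned char *input,
 unsigned int inputLen,
 unsigned int blocksize);
+SECStatus intel_aes_encrypt_ctr_128(CTRContext *cx, unsigned char *output,
+unsigned int *outputLen,
+unsigned int maxOutputLen,
+const unsigned char *input,
+unsigned int inputLen,
+unsigned int blocksize);
 SECStatus intel_aes_encrypt_ecb_192(AESContext *cx, unsigned char *output,
 unsigned int *outputLen,
 unsigned int maxOutputLen,
@@ -57,6 +63,12 @@ SECStatus intel_aes_decrypt_cbc_192(AESContext *cx, unsigned char *output,
 const unsigned char *input,
 unsigned int inputLen,
 unsigned int blocksize);
+SECStatus intel_aes_encrypt_ctr_192(CTRContext *cx, unsigned char *output,
+unsigned int *outputLen,
+unsigned int maxOutputLen,
+const unsigned char *input,
+unsigned int inputLen,
+unsigned int blocksize);
 SECStatus intel_aes_encrypt_ecb_256(AESContext *cx, unsigned char *output,
 unsigned int *outputLen,
 unsigned int maxOutputLen,
@@ -81,6 +93,12 @@ SECStatus intel_aes_decrypt_cbc_256(AESContext *cx, unsigned char *output,
 const unsigned char *input,
 unsigned int inputLen,
 unsigned int blocksize);
+SECStatus intel_aes_encrypt_ctr_256(CTRContext *cx, unsigned char *output,
+unsigned int *outputLen,
+unsigned int maxOutputLen,
+const unsigned char *input,
+unsigned int inputLen,
+unsigned int blocksize);
 
 
 #define intel_aes_ecb_worker(encrypt, keysize) \
@@ -102,6 +120,11 @@ SECStatus intel_aes_decrypt_cbc_256(AESContext *cx, unsigned char *output,
 (keysize) == 24 ? intel_aes_decrypt_cbc_192 : \
 intel_aes_decrypt_cbc_256))
 
+#define intel_aes_ctr_worker(nr) \
+((nr) == 10 ? intel_aes_encrypt_ctr_128 : \
+(nr) == 12 ? intel_aes_encrypt_ctr_192 : \
+intel_aes_encrypt_ctr_256)
+
 
 #define intel_aes_init(encrypt, keysize) \
 do { \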
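Review bot: `intel_aes_ctr_worker(nr)` selects on the round count rather than on `keysize` as the `ecb`/`cbc` worker macros just above it do, and its last arm is a catch-all, so any `nr` other than 10 or 12 silently resolves to the 256-bit routine; a comment such as `/* nr is AESContext->Nr: 10, 12 or 14 rounds for 128/192/256-bit keys */` would make the dispatch key explicit for the next reader. The three new prototypes also take `CTRContext *`, a type this header did not reference before; whether ctr.h (or a forward declaration) is visible at this point is outside the hunk and worth checking, since the header is otherwise self-contained around `AESContext`.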
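diff --git a/nss/lib/freebl/intel-gcm-wrap.c b/nss/lib/freebl/intel-gcm-wrap.c
index b2f6f5e..afd3029 100644
--- a/nss/lib/freebl/intel-gcm-wrap.c
+++ b/nss/lib/freebl/intel-gcm-wrap.c
@@ -3,7 +3,7 @@
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* Copyright(c) 2013, Intel Corp. */
 
-/* Wrapper funcions for Intel optimized implementation of AES-GCM */
+/* Wrapper functions for Intel optimized implementation of AES-GCM */
 
 #ifdef USE_HW_AES
 
@@ -24,12 +24,8 @@
 #include "intel-gcm.h"
 #include "rijndael.h"
 
-#if defined(__INTEL_COMPILER)
-#include <ia32intrin.h>
-#elif defined(__GNUC__)
 #include <emmintrin.h>
 #include <tmmintrin.h>
-#endif
 
 
 struct intel_AES_GCMContextStr{
@@ -143,9 +139,9 @@ void intel_AES_GCM_DestroyContext(intel_AES_GCMContext *gcm, PRBool freeit)
 
 SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm,
 unsigned char *outbuf,
-unsigned int *outlen, unsigned int maxout,
-const unsigned char *inbuf, unsigned int inlen,
-unsigned int blocksize)
+unsigned int *outlen, unsigned int maxout,
+const unsigned char *inbuf, unsigned int inlen,
+unsigned int blocksize)
 {
 unsigned int tagBytes;
 unsigned char T[AES_BLOCK_SIZE];
@@ -189,9 +185,9 @@ SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm,
 
 SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
 unsigned char *outbuf,
-unsigned int *outlen, unsigned int maxout,
-const unsigned char *inbuf, unsigned int inlen,
-unsigned int blocksize)
+unsigned int *outlen, unsigned int maxout,
+const unsigned char *inbuf, unsigned int inlen,
+unsigned int blocksize)
 {
 unsigned int tagBytes;
 unsigned char T[AES_BLOCK_SIZE];
@@ -201,13 +197,19 @@ SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
 
 /* get the authentication block */
 if (inlen < tagBytes) {
-PORT_SetError(SEC_ERROR_INVALID_ARGS);
+PORT_SetError(SEC_ERROR_INPUT_LEN);
 return SECFailure;
 }
 
 inlen -= tagBytes;
 intag = inbuf + inlen;
 
+if (maxout < inlen) {
+*outlen = inlen;
+PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+return SECFailure;
+}
+
 intel_aes_gcmDEC(
 inbuf,
 outbuf,
@@ -224,6 +226,8 @@ SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
 T);
 
 if (NSS_SecureMemcmp(T, intag, tagBytes) != 0) {
+memset(outbuf, 0, inlen);
+*outlen = 0;
 /* force a CKR_ENCRYPTED_DATA_INVALID error at in softoken */
 PORT_SetError(SEC_ERROR_BAD_DATA);
 return SECFailure;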
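Review bot: The `memset(outbuf, 0, inlen)` on tag mismatch in intel_AES_GCM_DecryptUpdate is the right move — `intel_aes_gcmDEC` has already written the not-yet-authenticated plaintext into the caller's buffer by the time `NSS_SecureMemcmp` runs — but the hunk leaves the reason unstated, so suggest `/* tag mismatch: wipe the unauthenticated plaintext intel_aes_gcmDEC already wrote */` above the `memset`. The new `maxout < inlen` check is placed after `tagBytes` has been subtracted, so it bounds the plaintext length actually written, and it reports `SEC_ERROR_OUTPUT_LEN` consistently with the ctr.c hunk above. The success path where `*outlen` is set for a valid tag lies outside the hunk.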
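diff --git a/nss/lib/freebl/rijndael.c b/nss/lib/freebl/rijndael.c
index 8bb8905..9703867 100644
--- a/nss/lib/freebl/rijndael.c
+++ b/nss/lib/freebl/rijndael.c
@@ -1063,8 +1063,10 @@ aes_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
 intel_aes_cbc_worker(encrypt, keysize);
 } else
 #endif
+{
 cx->worker = (freeblCipherFunc) (encrypt
 ? &rijndael_encryptCBC : &rijndael_decryptCBC);
+}
 } else {
 #if USE_HW_AES
 if (use_hw_aes) {
@@ -1072,8 +1074,10 @@ aes_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
 intel_aes_ecb_worker(encrypt, keysize);
 } else
 #endif
+{
 cx->worker = (freeblCipherFunc) (encrypt
 ? &rijndael_encryptECB : &rijndael_decryptECB);
+}
 }
 PORT_Assert((cx->Nb * (cx->Nr + 1)) <= RIJNDAEL_MAX_EXP_KEY_SIZE);
 if ((cx->Nb * (cx->Nr + 1)) > RIJNDAEL_MAX_EXP_KEY_SIZE) {
@@ -1171,7 +1175,14 @@ AES_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
 break;
 case NSS_AES_CTR:
 cx->worker_cx = CTR_CreateContext(cx, cx->worker, iv, blocksize);
-cx->worker = (freeblCipherFunc) CTR_Update ;
+#if defined(USE_HW_AES) && defined(_MSC_VER)
+if (use_hw_aes) {
+cx->worker = (freeblCipherFunc) CTR_Update_HW_AES;
+} else
+#endif
+{
+cx->worker = (freeblCipherFunc) CTR_Update;
+}
 cx->destroy = (freeblDestroyFunc) CTR_DestroyContext;
 cx->isBlock = PR_FALSE;
 break;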
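Review bot: The CTR hunk in AES_InitContext tests `use_hw_aes`, a name the two aes_InitContext hunks above also use but which is not visibly in scope in AES_InitContext; if it is a local of aes_InitContext rather than file-scope, the `USE_HW_AES && _MSC_VER` build fails to compile here. The same hunk spells the guard `#if defined(USE_HW_AES) && defined(_MSC_VER)` while the earlier hunks in this file use `#if USE_HW_AES`; the two forms diverge when the macro is defined as empty or as 0, so one form should be settled on across rijndael.c, ctr.c and ctr.h. The braces added around the `else` bodies in aes_InitContext remove the dangling-else hazard the `#endif` left behind and need no further change. AES_InitContext's `switch` continues beyond the hunk.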