Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(102)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: patches/nss-intel-aes-windows.patch

Issue 214183004: Implement AES in different modes of operation, using AES-NI and (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master
Patch Set: Remove an assertion. ctr->cipher doesn't set *outlen. Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « nss/lib/freebl/rijndael.c ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 diff --git a/nss/lib/freebl/ctr.c b/nss/lib/freebl/ctr.c
2 index 3a2f1a6..4d26daa 100644
3 --- a/nss/lib/freebl/ctr.c
4 +++ b/nss/lib/freebl/ctr.c
5 @@ -12,6 +12,11 @@
6 #include "pkcs11t.h"
7 #include "secerr.h"
8
9 +#ifdef USE_HW_AES
10 +#include "intel-aes.h"
11 +#include "rijndael.h"
12 +#endif
13 +
14 SECStatus
15 CTR_InitContext(CTRContext *ctr, void *context, freeblCipherFunc cipher,
16 const unsigned char *param, unsigned int blocksize)
17 @@ -165,3 +170,60 @@ CTR_Update(CTRContext *ctr, unsigned char *outbuf,
18 *outlen += inlen;
19 return SECSuccess;
20 }
21 +
22 +#if defined(USE_HW_AES) && defined(_MSC_VER)
23 +SECStatus
24 +CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
25 + unsigned int *outlen, unsigned int maxout,
26 + const unsigned char *inbuf, unsigned int inlen,
27 + unsigned int blocksize)
28 +{
29 + unsigned int fullblocks;
30 + unsigned int tmp;
31 + SECStatus rv;
32 +
33 + if (maxout < inlen) {
34 + *outlen = inlen;
35 + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
36 + return SECFailure;
37 + }
38 + *outlen = 0;
39 + if (ctr->bufPtr != blocksize) {
40 + unsigned int needed = PR_MIN(blocksize-ctr->bufPtr, inlen);
41 + ctr_xor(outbuf, inbuf, ctr->buffer+ctr->bufPtr, needed);
42 + ctr->bufPtr += needed;
43 + outbuf += needed;
44 + inbuf += needed;
45 + *outlen += needed;
46 + inlen -= needed;
47 + if (inlen == 0) {
48 + return SECSuccess;
49 + }
50 + PORT_Assert(ctr->bufPtr == blocksize);
51 + }
52 +
53 + intel_aes_ctr_worker(((AESContext*)(ctr->context))->Nr)(
54 + ctr, outbuf, outlen, maxout, inbuf, inlen, blocksize);
55 + /* XXX intel_aes_ctr_worker should set *outlen. */
56 + PORT_Assert(*outlen == 0);
57 + fullblocks = (inlen/blocksize)*blocksize;
58 + *outlen += fullblocks;
59 + outbuf += fullblocks;
60 + inbuf += fullblocks;
61 + inlen -= fullblocks;
62 +
63 + if (inlen == 0) {
64 + return SECSuccess;
65 + }
66 + rv = (*ctr->cipher)(ctr->context, ctr->buffer, &tmp, blocksize,
67 + ctr->counter, blocksize, blocksize);
68 + ctr_GetNextCtr(ctr->counter, ctr->counterBits, blocksize);
69 + if (rv != SECSuccess) {
70 + return SECFailure;
71 + }
72 + ctr_xor(outbuf, inbuf, ctr->buffer, inlen);
73 + ctr->bufPtr = inlen;
74 + *outlen += inlen;
75 + return SECSuccess;
76 +}
77 +#endif
78 diff --git a/nss/lib/freebl/ctr.h b/nss/lib/freebl/ctr.h
79 index 69ef150..e7645a2 100644
80 --- a/nss/lib/freebl/ctr.h
81 +++ b/nss/lib/freebl/ctr.h
82 @@ -41,4 +41,11 @@ SECStatus CTR_Update(CTRContext *ctr, unsigned char *outbuf,
83 const unsigned char *inbuf, unsigned int inlen,
84 unsigned int blocksize);
85
86 +#ifdef USE_HW_AES
87 +SECStatus CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
88 + unsigned int *outlen, unsigned int maxout,
89 + const unsigned char *inbuf, unsigned int inlen,
90 + unsigned int blocksize);
91 +#endif
92 +
93 #endif
94 diff --git a/nss/lib/freebl/intel-aes.h b/nss/lib/freebl/intel-aes.h
95 index 1e18007..3b71e5f 100644
96 --- a/nss/lib/freebl/intel-aes.h
97 +++ b/nss/lib/freebl/intel-aes.h
98 @@ -33,6 +33,12 @@ SECStatus intel_aes_decrypt_cbc_128(AESContext *cx, unsigned char *output,
99 const unsigned char *input,
100 unsigned int inputLen,
101 unsigned int blocksize);
102 +SECStatus intel_aes_encrypt_ctr_128(CTRContext *cx, unsigned char *output,
103 + unsigned int *outputLen,
104 + unsigned int maxOutputLen,
105 + const unsigned char *input,
106 + unsigned int inputLen,
107 + unsigned int blocksize);
108 SECStatus intel_aes_encrypt_ecb_192(AESContext *cx, unsigned char *output,
109 unsigned int *outputLen,
110 unsigned int maxOutputLen,
111 @@ -57,6 +63,12 @@ SECStatus intel_aes_decrypt_cbc_192(AESContext *cx, unsigned char *output,
112 const unsigned char *input,
113 unsigned int inputLen,
114 unsigned int blocksize);
115 +SECStatus intel_aes_encrypt_ctr_192(CTRContext *cx, unsigned char *output,
116 + unsigned int *outputLen,
117 + unsigned int maxOutputLen,
118 + const unsigned char *input,
119 + unsigned int inputLen,
120 + unsigned int blocksize);
121 SECStatus intel_aes_encrypt_ecb_256(AESContext *cx, unsigned char *output,
122 unsigned int *outputLen,
123 unsigned int maxOutputLen,
124 @@ -81,6 +93,12 @@ SECStatus intel_aes_decrypt_cbc_256(AESContext *cx, unsigned char *output,
125 const unsigned char *input,
126 unsigned int inputLen,
127 unsigned int blocksize);
128 +SECStatus intel_aes_encrypt_ctr_256(CTRContext *cx, unsigned char *output,
129 + unsigned int *outputLen,
130 + unsigned int maxOutputLen,
131 + const unsigned char *input,
132 + unsigned int inputLen,
133 + unsigned int blocksize);
134
135
136 #define intel_aes_ecb_worker(encrypt, keysize) \
137 @@ -102,6 +120,11 @@ SECStatus intel_aes_decrypt_cbc_256(AESContext *cx, unsigne d char *output,
138 (keysize) == 24 ? intel_aes_decrypt_cbc_192 : \
139 intel_aes_decrypt_cbc_256))
140
141 +#define intel_aes_ctr_worker(nr) \
142 + ((nr) == 10 ? intel_aes_encrypt_ctr_128 : \
143 + (nr) == 12 ? intel_aes_encrypt_ctr_192 : \
144 + intel_aes_encrypt_ctr_256)
145 +
146
147 #define intel_aes_init(encrypt, keysize) \
148 do { \
149 diff --git a/nss/lib/freebl/intel-gcm-wrap.c b/nss/lib/freebl/intel-gcm-wrap.c
150 index b2f6f5e..afd3029 100644
151 --- a/nss/lib/freebl/intel-gcm-wrap.c
152 +++ b/nss/lib/freebl/intel-gcm-wrap.c
153 @@ -3,7 +3,7 @@
154 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
155 /* Copyright(c) 2013, Intel Corp. */
156
157 -/* Wrapper funcions for Intel optimized implementation of AES-GCM */
158 +/* Wrapper functions for Intel optimized implementation of AES-GCM */
159
160 #ifdef USE_HW_AES
161
162 @@ -24,12 +24,8 @@
163 #include "intel-gcm.h"
164 #include "rijndael.h"
165
166 -#if defined(__INTEL_COMPILER)
167 -#include <ia32intrin.h>
168 -#elif defined(__GNUC__)
169 #include <emmintrin.h>
170 #include <tmmintrin.h>
171 -#endif
172
173
174 struct intel_AES_GCMContextStr{
175 @@ -143,9 +139,9 @@ void intel_AES_GCM_DestroyContext(intel_AES_GCMContext *gcm, PRBool freeit)
176
177 SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm,
178 unsigned char *outbuf,
179 - unsigned int *outlen, unsigned int maxout,
180 - const unsigned char *inbuf, unsigned int inlen,
181 - unsigned int blocksize)
182 + unsigned int *outlen, unsigned int maxout,
183 + const unsigned char *inbuf, unsigned int inlen,
184 + unsigned int blocksize)
185 {
186 unsigned int tagBytes;
187 unsigned char T[AES_BLOCK_SIZE];
188 @@ -189,9 +185,9 @@ SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext * gcm,
189
190 SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
191 unsigned char *outbuf,
192 - unsigned int *outlen, unsigned int maxout,
193 - const unsigned char *inbuf, unsigned int inlen,
194 - unsigned int blocksize)
195 + unsigned int *outlen, unsigned int maxout,
196 + const unsigned char *inbuf, unsigned int inlen,
197 + unsigned int blocksize)
198 {
199 unsigned int tagBytes;
200 unsigned char T[AES_BLOCK_SIZE];
201 @@ -201,13 +197,19 @@ SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
202
203 /* get the authentication block */
204 if (inlen < tagBytes) {
205 - PORT_SetError(SEC_ERROR_INVALID_ARGS);
206 + PORT_SetError(SEC_ERROR_INPUT_LEN);
207 return SECFailure;
208 }
209
210 inlen -= tagBytes;
211 intag = inbuf + inlen;
212
213 + if (maxout < inlen) {
214 + *outlen = inlen;
215 + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
216 + return SECFailure;
217 + }
218 +
219 intel_aes_gcmDEC(
220 inbuf,
221 outbuf,
222 @@ -224,6 +226,8 @@ SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext * gcm,
223 T);
224
225 if (NSS_SecureMemcmp(T, intag, tagBytes) != 0) {
226 + memset(outbuf, 0, inlen);
227 + *outlen = 0;
228 /* force a CKR_ENCRYPTED_DATA_INVALID error at in softoken */
229 PORT_SetError(SEC_ERROR_BAD_DATA);
230 return SECFailure;
231 diff --git a/nss/lib/freebl/rijndael.c b/nss/lib/freebl/rijndael.c
232 index 8bb8905..9703867 100644
233 --- a/nss/lib/freebl/rijndael.c
234 +++ b/nss/lib/freebl/rijndael.c
235 @@ -1063,8 +1063,10 @@ aes_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
236 intel_aes_cbc_worker(encrypt, keysize);
237 } else
238 #endif
239 + {
240 cx->worker = (freeblCipherFunc) (encrypt
241 ? &rijndael_encryptCBC : &rijndael_decryptCBC);
242 + }
243 } else {
244 #if USE_HW_AES
245 if (use_hw_aes) {
246 @@ -1072,8 +1074,10 @@ aes_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
247 intel_aes_ecb_worker(encrypt, keysize);
248 } else
249 #endif
250 + {
251 cx->worker = (freeblCipherFunc) (encrypt
252 ? &rijndael_encryptECB : &rijndael_decryptECB);
253 + }
254 }
255 PORT_Assert((cx->Nb * (cx->Nr + 1)) <= RIJNDAEL_MAX_EXP_KEY_SIZE);
256 if ((cx->Nb * (cx->Nr + 1)) > RIJNDAEL_MAX_EXP_KEY_SIZE) {
257 @@ -1171,7 +1175,14 @@ AES_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize,
258 break;
259 case NSS_AES_CTR:
260 cx->worker_cx = CTR_CreateContext(cx, cx->worker, iv, blocksize);
261 - cx->worker = (freeblCipherFunc) CTR_Update ;
262 +#if defined(USE_HW_AES) && defined(_MSC_VER)
263 + if (use_hw_aes) {
264 + cx->worker = (freeblCipherFunc) CTR_Update_HW_AES;
265 + } else
266 +#endif
267 + {
268 + cx->worker = (freeblCipherFunc) CTR_Update;
269 + }
270 cx->destroy = (freeblDestroyFunc) CTR_DestroyContext;
271 cx->isBlock = PR_FALSE;
272 break;
OLDNEW
« no previous file with comments | « nss/lib/freebl/rijndael.c ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698