From 5c0b1b4bf6ee7ca0cec867e04f3253710b267ed4 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 25 Oct 2017 15:30:05 +0200 Subject: [PATCH] add copy_or_zeromem() --- src/encauth/ccm/ccm_memory.c | 24 +------------- src/headers/tomcrypt_misc.h | 3 ++ src/misc/copy_or_zeromem.c | 61 ++++++++++++++++++++++++++++++++++++ 3 files changed, 65 insertions(+), 23 deletions(-) create mode 100644 src/misc/copy_or_zeromem.c diff --git a/src/encauth/ccm/ccm_memory.c b/src/encauth/ccm/ccm_memory.c index 3326ce5c..0ffdbcef 100644 --- a/src/encauth/ccm/ccm_memory.c +++ b/src/encauth/ccm/ccm_memory.c @@ -51,10 +51,6 @@ int ccm_memory(int cipher, symmetric_key *skey; int err; unsigned long len, L, x, y, z, CTRlen; -#ifdef LTC_FAST - LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all zeroes */ -#endif - unsigned char mask = 0xff; /* initialize mask at all zeroes */ if (uskey == NULL) { LTC_ARGCHK(key != NULL); @@ -360,29 +356,11 @@ int ccm_memory(int cipher, /* Zero the plaintext if the tag was invalid (in constant time) */ if (ptlen > 0) { - y = 0; - mask *= 1 - err; /* mask = ( err ? 0 : 0xff ) */ -#ifdef LTC_FAST - fastMask *= 1 - err; - if (ptlen & ~15) { - for (; y < (ptlen & ~15); y += 16) { - for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&pt_real[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) & fastMask; - } - } - } -#endif - for (; y < ptlen; y++) { - pt_real[y] = pt[y] & mask; - } + copy_or_zeromem(pt, pt_real, ptlen, err); } } #ifdef LTC_CLEAN_STACK -#ifdef LTC_FAST - fastMask = 0; -#endif - mask = 0; zeromem(PAD, sizeof(PAD)); zeromem(CTRPAD, sizeof(CTRPAD)); if (pt_work != NULL) { diff --git a/src/headers/tomcrypt_misc.h b/src/headers/tomcrypt_misc.h index 0440a5ef..63fc3a89 100644 --- a/src/headers/tomcrypt_misc.h +++ b/src/headers/tomcrypt_misc.h @@ -72,6 +72,9 @@ int hkdf(int hash_idx, /* ---- MEM routines ---- */ int mem_neq(const void *a, const void *b, size_t len); void zeromem(volatile void *dst, size_t len); +#ifdef LTC_SOURCE +void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned long len, int coz); +#endif void burn_stack(unsigned long len); const char *error_to_string(int err); diff --git a/src/misc/copy_or_zeromem.c b/src/misc/copy_or_zeromem.c new file mode 100644 index 00000000..ec78fed6 --- /dev/null +++ b/src/misc/copy_or_zeromem.c @@ -0,0 +1,61 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file copy_or_zeromem.c + Either copy or zero a block of memory in constant time, Steffen Jaeckel +*/ + +/** + Either copy or zero a block of memory in constant time + @param src The source where to read from + @param dest The destination where to write to + @param len The length of the area to process (octets) + @param coz Copy (on 0) Or Zero (> 0) +*/ +void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned long len, int coz) +{ + unsigned long y; +#ifdef LTC_FAST + unsigned long z; + LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all ones */ +#endif + unsigned char mask = 0xff; /* initialize mask at all ones */ + + LTC_ARGCHK(src != NULL); + LTC_ARGCHK(dest != NULL); + + if (coz != 0) coz = 1; + y = 0; + mask *= 1 - coz; /* mask = ( coz ? 0 : 0xff ) */ +#ifdef LTC_FAST + fastMask *= 1 - coz; + if (len & ~15) { + for (; y < (len & ~15); y += 16) { + for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { + *(LTC_FAST_TYPE_PTR_CAST(&dest[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&src[y+z])) & fastMask; + } + } + } +#endif + for (; y < len; y++) { + dest[y] = src[y] & mask; + } +#ifdef LTC_CLEAN_STACK +#ifdef LTC_FAST + fastMask = 0; +#endif + mask = 0; +#endif +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */