From e83b9ced722861f3425100c07ea86cff9e8eaa62 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Thu, 5 Oct 2023 10:24:38 +0200
Subject: [PATCH] Re-order struct members
In order to memory-align the used buffers for keys, IVs etc. we re-order the struct members of ciphers, modes and encauth. There's no guarantee that this works, but it improves the chances.
Signed-off-by: Steffen Jaeckel
---
 src/headers/tomcrypt_cipher.h | 76 +++++++++++++++++------------------
 src/headers/tomcrypt_mac.h | 29 +++++++------
 2 files changed, 52 insertions(+), 53 deletions(-)
diff --git a/src/headers/tomcrypt_cipher.h b/src/headers/tomcrypt_cipher.h
index 06e61247..8b6f8781 100644
--- a/src/headers/tomcrypt_cipher.h
+++ b/src/headers/tomcrypt_cipher.h
@@ -35,10 +35,10 @@ struct saferp_key {
 #ifdef LTC_RIJNDAEL
 struct rijndael_key {
+ unsigned char K[(60 + 60 + 4) * sizeof(ulong32)];
 ulong32 *eK;
 ulong32 *dK;
 int Nr;
- unsigned char K[(60 + 60 + 4) * sizeof(ulong32)];
 };
 #endif
@@ -129,24 +129,24 @@ struct khazad_key {
 #ifdef LTC_ANUBIS
 struct anubis_key {
- int keyBits;
- int R;
 ulong32 roundKeyEnc[18 + 1][4];
 ulong32 roundKeyDec[18 + 1][4];
+ int keyBits;
+ int R;
 };
 #endif
 #ifdef LTC_MULTI2
 struct multi2_key {
- int N;
 ulong32 uk[8];
+ int N;
 };
 #endif
 #ifdef LTC_CAMELLIA
 struct camellia_key {
- int R;
 ulong64 kw[4], k[24], kl[6];
+ int R;
 };
 #endif
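Review bot: The reorder of `struct rijndael_key` relies on `K` inheriting whatever alignment the enclosing struct happens to have, and nothing in the declaration records that the member order is load-bearing, so a later edit that adds a field ahead of `K` would silently undo it. This header already uses `LTC_ALIGN(16)` for exactly this purpose (see the lines removed in the CTR and GCM hunks further down), so the intent can be made a guarantee rather than a chance: `unsigned char K[(60 + 60 + 4) * sizeof(ulong32)] LTC_ALIGN(16); /* keep first: key-schedule buffer, eK/dK point into it */`. If `LTC_ALIGN` can expand to nothing on some compilers, the comment alone is still worth having. The `eK`/`dK` relationship is my reading of the extra four words of slack in `K`; confirm against `rijndael_setup` before wording the comment that way.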
@@ -247,60 +247,60 @@ typedef union Symmetric_key {
 #ifdef LTC_ECB_MODE
 /** A block cipher ECB structure */
 typedef struct {
+ /** The scheduled key */
+ symmetric_key key;
 /** The index of the cipher chosen */
 int cipher,
 /** The block size of the given cipher */
 blocklen;
- /** The scheduled key */
- symmetric_key key;
 } symmetric_ECB;
 #endif
 #ifdef LTC_CFB_MODE
 /** A block cipher CFB structure */
 typedef struct {
- /** The index of the cipher chosen */
- int cipher,
- /** The block size of the given cipher */
- blocklen,
- /** The padding offset */
- padlen;
 /** The current IV */
 unsigned char IV[MAXBLOCKSIZE],
 /** The pad used to encrypt/decrypt */
 pad[MAXBLOCKSIZE];
 /** The scheduled key */
 symmetric_key key;
-} symmetric_CFB;
-#endif
-
-#ifdef LTC_OFB_MODE
-/** A block cipher OFB structure */
-typedef struct {
 /** The index of the cipher chosen */
 int cipher,
 /** The block size of the given cipher */
 blocklen,
 /** The padding offset */
 padlen;
+} symmetric_CFB;
+#endif
+
+#ifdef LTC_OFB_MODE
+/** A block cipher OFB structure */
+typedef struct {
 /** The current IV */
 unsigned char IV[MAXBLOCKSIZE];
 /** The scheduled key */
 symmetric_key key;
+ /** The index of the cipher chosen */
+ int cipher,
+ /** The block size of the given cipher */
+ blocklen,
+ /** The padding offset */
+ padlen;
 } symmetric_OFB;
 #endif
 #ifdef LTC_CBC_MODE
 /** A block cipher CBC structure */
 typedef struct {
- /** The index of the cipher chosen */
- int cipher,
- /** The block size of the given cipher */
- blocklen;
 /** The current IV */
 unsigned char IV[MAXBLOCKSIZE];
 /** The scheduled key */
 symmetric_key key;
+ /** The index of the cipher chosen */
+ int cipher,
+ /** The block size of the given cipher */
+ blocklen;
 } symmetric_CBC;
 #endif
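Review bot: Reordering the members of `symmetric_ECB`, `symmetric_CFB`, `symmetric_OFB` and `symmetric_CBC` changes the layout of structs that callers allocate themselves from this public header, so it is an ABI break, not just an internal tidy-up. A binary built against the old header and linked at run time against a library with the new layout would read `cipher`/`blocklen` out of what is now the key schedule and write its IV over the key — silent memory corruption rather than a clean error. Nothing in this diff records that (I can't see the build or version files from here), so at minimum the commit message should say so and, if the library ships as a shared object, the soname/version needs bumping in the same change. A comment at the top of each struct, e.g. `/* member order is deliberate: buffers first so they sit at the struct's own alignment */`, would also stop the next edit from quietly undoing it.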
@@ -308,6 +308,13 @@ typedef struct {
 #ifdef LTC_CTR_MODE
 /** A block cipher CTR structure */
 typedef struct {
+ /** The counter */
+ unsigned char ctr[MAXBLOCKSIZE];
+ /** The pad used to encrypt/decrypt */
+ unsigned char pad[MAXBLOCKSIZE];
+ /** The scheduled key */
+ symmetric_key key;
+
 /** The index of the cipher chosen */
 int cipher,
 /** The block size of the given cipher */
@@ -318,13 +325,6 @@ typedef struct {
 mode,
 /** counter width */
 ctrlen;
-
- /** The counter */
- unsigned char ctr[MAXBLOCKSIZE];
- /** The pad used to encrypt/decrypt */
- unsigned char pad[MAXBLOCKSIZE] LTC_ALIGN(16);
- /** The scheduled key */
- symmetric_key key;
 } symmetric_CTR;
 #endif
@@ -332,9 +332,6 @@ typedef struct {
 #ifdef LTC_LRW_MODE
 /** A LRW structure */
 typedef struct {
- /** The index of the cipher chosen (must be a 128-bit block cipher) */
- int cipher;
-
 /** The current IV */
 unsigned char IV[16],
@@ -351,25 +348,28 @@ typedef struct {
 /** The pre-computed multiplication table */
 unsigned char PC[16][256][16];
 #endif
+
+ /** The index of the cipher chosen (must be a 128-bit block cipher) */
+ int cipher;
 } symmetric_LRW;
 #endif
 #ifdef LTC_F8_MODE
 /** A block cipher F8 structure */
 typedef struct {
+ /** The current IV */
+ unsigned char IV[MAXBLOCKSIZE],
+ MIV[MAXBLOCKSIZE];
+ /** The scheduled key */
+ symmetric_key key;
 /** The index of the cipher chosen */
 int cipher,
 /** The block size of the given cipher */
 blocklen,
 /** The padding offset */
 padlen;
- /** The current IV */
- unsigned char IV[MAXBLOCKSIZE],
- MIV[MAXBLOCKSIZE];
 /** Current block count */
 ulong32 blockcnt;
- /** The scheduled key */
- symmetric_key key;
 } symmetric_F8;
 #endif
diff --git a/src/headers/tomcrypt_mac.h b/src/headers/tomcrypt_mac.h
index c8f4a322..f6738f69 100644
--- a/src/headers/tomcrypt_mac.h
+++ b/src/headers/tomcrypt_mac.h
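Review bot: The new `pad` declaration in `symmetric_CTR` drops the `LTC_ALIGN(16)` the old one carried (the removal is in the following hunk), so `pad` is now 16-byte aligned only if `symmetric_CTR` itself happens to be, and nothing forces that: its members are `unsigned char` arrays, `int`s and a `symmetric_key` union whose largest member visible in this diff is `ulong64`, so the struct's natural alignment is plausibly 8, not 16. If anything on the CTR path relies on that alignment — the attribute was presumably there for a reason — this is a regression that only appears on some allocations, e.g. a stack-allocated `symmetric_CTR` on a 32-bit target, which is the kind of bug that survives the test suite. Keeping the attribute costs nothing and turns the "improves the chances" of the commit message into a guarantee: `unsigned char pad[MAXBLOCKSIZE] LTC_ALIGN(16);`. The `symmetric_CTR` definition continues in the next hunk.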
@@ -358,10 +358,10 @@ typedef struct {
 unsigned char aSum_current[MAXBLOCKSIZE], /* AAD related helper variable */
 aOffset_current[MAXBLOCKSIZE], /* AAD related helper variable */
 adata_buffer[MAXBLOCKSIZE]; /* AAD buffer */
- int adata_buffer_bytes; /* bytes in AAD buffer */
- unsigned long ablock_index; /* index # for current adata (AAD) block */
 symmetric_key key; /* scheduled key for cipher */
+ int adata_buffer_bytes; /* bytes in AAD buffer */
+ unsigned long ablock_index; /* index # for current adata (AAD) block */
 unsigned long block_index; /* index # for current data block */
 int cipher, /* cipher idx */
 tag_len, /* length of tag */
@@ -407,7 +407,12 @@ int ocb3_test(void);
 #define CCM_DECRYPT LTC_DECRYPT
 typedef struct {
+ unsigned char PAD[16], /* flags | Nonce N | l(m) */
+ ctr[16],
+ CTRPAD[16];
+ symmetric_key K;
+
 int cipher, /* which cipher */
 taglen, /* length of the tag (encoded in M value) */
 x; /* index in PAD */
@@ -419,10 +424,7 @@ typedef struct {
 current_aadlen, /* length of the currently provided add */
 noncelen; /* length of the nonce */
- unsigned char PAD[16], /* flags | Nonce N | l(m) */
- ctr[16],
- CTRPAD[16],
- CTRlen;
+ unsigned char CTRlen;
 } ccm_state;
 int ccm_init(ccm_state *ccm, int cipher,
@@ -478,13 +480,18 @@ extern const unsigned char gcm_shift_table[];
 #define LTC_GCM_MODE_TEXT 2
 typedef struct {
- symmetric_key K;
 unsigned char H[16], /* multiplier */
 X[16], /* accumulator */
 Y[16], /* counter */
 Y_0[16], /* initial counter */
 buf[16]; /* buffer for stuff */
+#ifdef LTC_GCM_TABLES
+ unsigned char PC[16][256][16]; /* 16 tables of 8x128 */
+#endif
+
+ symmetric_key K;
+
 int cipher, /* which cipher */
 ivmode, /* Which mode is the IV in? */
 mode, /* mode the GCM code is in */
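Review bot: The relocated `PC` table in `gcm_state` loses the `LTC_ALIGN(16)` that the old declaration applied under `LTC_GCM_TABLES_SSE2` (the removal is in the next hunk), so in an SSE2 build its address is 16-aligned only when the enclosing `gcm_state` happens to be; placing it at offset 80 after five 16-byte buffers guarantees nothing about the struct's own alignment. If the SSE2 multiplication uses aligned 128-bit loads on `PC` rows, a `gcm_state` with only 8-byte alignment (a stack object on a 32-bit build, or one embedded in a caller's packed struct) turns into a general-protection fault — a crash reachable from any call that gets as far as `gcm_mult_h`. I'd keep the attribute on the new declaration rather than rely on ordering: `unsigned char PC[16][256][16] LTC_ALIGN(16); /* 16 tables of 8x128 */`, under the same `#ifdef LTC_GCM_TABLES_SSE2` guard as before if the alignment is unwanted in non-SSE2 builds. The `gcm_state` definition continues in the next hunk.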
@@ -492,14 +499,6 @@ typedef struct {
 ulong64 totlen, /* 64-bit counter used for IV and AAD */
 pttotlen; /* 64-bit counter for the PT */
-
-#ifdef LTC_GCM_TABLES
- unsigned char PC[16][256][16] /* 16 tables of 8x128 */
-#ifdef LTC_GCM_TABLES_SSE2
-LTC_ALIGN(16)
-#endif
-;
-#endif
 } gcm_state;
 void gcm_mult_h(const gcm_state *gcm, unsigned char *I);