Use optimised counter increment in AES-CTR and CTR-DRBG
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/library/aes.c b/library/aes.c
index ced8a32..b1a5c3e 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -53,6 +53,7 @@
#endif
#include "mbedtls/platform.h"
+#include "ctr.h"
/*
* This is a convenience shorthand macro to check if we need reverse S-box and
@@ -1456,11 +1457,7 @@
if (ret != 0) {
goto exit;
}
- for (int j = 16; j > 0; j--) {
- if (++nonce_counter[j - 1] != 0) {
- break;
- }
- }
+ mbedtls_ctr_increment_counter(nonce_counter);
} else {
n -= offset;
}
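Review bot: The counter's wrap-around semantics are no longer visible at the call site on the `+ mbedtls_ctr_increment_counter(nonce_counter);` line: the removed loop made it explicit that all 16 bytes are incremented as a big-endian integer and that the carry out of byte 0 is silently discarded, whereas the helper's contract now lives in ctr.h, which this diff does not show. The ctr_drbg.c hunk of the same commit documents the intent beside its call, and the same comment belongs here: `/* Treat nonce_counter as a 128-bit big-endian integer (wraps silently). */`. Because nonce_counter is a caller-supplied byte array with no alignment guarantee, it is also worth confirming that the helper does not perform aligned word-sized loads or stores on it; that cannot be verified from this hunk. The enclosing function (presumably the AES-CTR routine) starts and ends outside this hunk.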
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index da34f95..f3995f7 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -14,6 +14,7 @@
#if defined(MBEDTLS_CTR_DRBG_C)
+#include "ctr.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
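Review bot: The new `#include "ctr.h"` on the line after the `MBEDTLS_CTR_DRBG_C` guard is placed ahead of the module's own public header `mbedtls/ctr_drbg.h`; the usual convention, which the aes.c hunk of this commit follows by appending after `mbedtls/platform.h`, is to include the module's own header first so that it is proven self-contained and private helpers follow. Suggest moving the line below `#include "mbedtls/error.h"`, or at minimum below `#include "mbedtls/ctr_drbg.h"`.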
@@ -333,7 +334,7 @@
{
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = tmp;
- int i, j;
+ int j;
int ret = 0;
#if !defined(MBEDTLS_AES_C)
psa_status_t status;
@@ -346,11 +347,7 @@
/*
* Increase counter
*/
- for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) {
- if (++ctx->counter[i - 1] != 0) {
- break;
- }
- }
+ mbedtls_ctr_increment_counter(ctx->counter);
/*
* Crypt counter block
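Review bot: The `Increase counter` comment above the new `mbedtls_ctr_increment_counter(ctx->counter);` call is left unchanged, while the equivalent comment in the output loop later in this file is rewritten by the same commit to say how the counter is interpreted; the two call sites should read the same: `* Increase counter (treat it as a 128-bit big-endian integer).`. The removed loop was bounded by MBEDTLS_CTR_DRBG_BLOCKSIZE, whereas the helper presumably operates on a fixed 16-byte block; if the helper's width is not tied to that constant, a static assertion or a comment pinning the equivalence would keep a future change to the block size from silently truncating the increment, which cannot be confirmed from this hunk. The enclosing function begins before and continues after this hunk.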
@@ -652,13 +649,9 @@
while (output_len > 0) {
/*
- * Increase counter
+ * Increase counter (treat it as a 128-bit big-endian integer).
*/
- for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) {
- if (++ctx->counter[i - 1] != 0) {
- break;
- }
- }
+ mbedtls_ctr_increment_counter(ctx->counter);
/*
* Crypt counter block
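Review bot: The earlier ctr_drbg.c hunk drops `i` from `int i, j;` because the hand-rolled loop was its only user, but no corresponding declaration change is shown for the function containing this `while (output_len > 0)` loop; if that function declares its own `int i` for the removed loop (its declarations are outside this hunk), the variable is now unused and will trip `-Wunused-variable` under a warnings-as-errors build, so it should be removed in the same commit. The updated comment `Increase counter (treat it as a 128-bit big-endian integer).` is a useful addition; the same statement, including that the increment wraps silently at 2^128, belongs in the helper's own documentation in ctr.h, which the diff does not include. The enclosing function starts and ends outside this hunk.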