Fix:
- Remove unnecessary tests.
- Update description of MBEDTLS_GCM_LARGETABLE parameter.
- Move acceleration defines from gcm.h to gcm.c.
- Remove unnecessary zero setting after shift.
- Fix implementation for big-endian architectures.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index f475710..2f9a2cd 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -33,11 +33,6 @@
#define MBEDTLS_GCM_ENCRYPT 1
#define MBEDTLS_GCM_DECRYPT 0
-#define MBEDTLS_GCM_ACC_SMALLTABLE 0
-#define MBEDTLS_GCM_ACC_LARGETABLE 1
-#define MBEDTLS_GCM_ACC_AESNI 2
-#define MBEDTLS_GCM_ACC_AESCE 3
-
/** Authenticated decryption failed. */
#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012
/** Bad input parameters to function. */
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index f467737..18dbcd1 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -2807,6 +2807,9 @@
* Can significantly increase throughput on systems without GCM hardware
* acceleration (e.g., AESNI, AESCE).
*
+ * The mbedtls_gcm_context size will increase by 3840 bytes.
+ * The code size will increase by roughly 344 bytes.
+ *
* Module: library/gcm.c
*
* Requires: MBEDTLS_GCM_C
diff --git a/library/gcm.c b/library/gcm.c
index 4a01f5c..fc03acd 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -41,6 +41,12 @@
#if !defined(MBEDTLS_GCM_ALT)
+/* Used to select the acceleration mechanism */
+#define MBEDTLS_GCM_ACC_SMALLTABLE 0
+#define MBEDTLS_GCM_ACC_LARGETABLE 1
+#define MBEDTLS_GCM_ACC_AESNI 2
+#define MBEDTLS_GCM_ACC_AESCE 3
+
/*
* Initialize a context
*/
@@ -253,17 +259,28 @@
u64z[0] = 0;
u64z[1] = 0;
- for (i = 15; i > 0; i--) {
- mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
+ if (MBEDTLS_IS_BIG_ENDIAN) {
+ for (i = 15; i > 0; i--) {
+ mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
+ rem = u8z[15];
- rem = u8z[15];
+ u64z[1] >>= 8;
+ u8z[8] = u8z[7];
+ u64z[0] >>= 8;
- u64z[1] <<= 8;
- u8z[8] = u8z[7];
- u64z[0] <<= 8;
+ u16z[0] ^= MBEDTLS_GET_UINT16_LE(&last8[rem], 0);
+ }
+ } else {
+ for (i = 15; i > 0; i--) {
+ mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
+ rem = u8z[15];
- u8z[0] = 0;
- u16z[0] ^= last8[rem];
+ u64z[1] <<= 8;
+ u8z[8] = u8z[7];
+ u64z[0] <<= 8;
+
+ u16z[0] ^= last8[rem];
+ }
}
mbedtls_xor_no_simd(output, u8z, (uint8_t *) H[x[0]], 16);
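Review bot: The big-endian branch duplicates the whole loop body although only the three word shifts and the `last8` read differ between the two branches, so a later fix to one copy can silently miss the other; the endianness test can sit inside the loop around just those four statements, which also keeps a single `rem = u8z[15]` and a single XOR of `H[x[i]]`. The byte-swapped read `MBEDTLS_GET_UINT16_LE(&last8[rem], 0)` needs a comment, since nothing at the use site says why the table is read as little-endian on a big-endian host; presumably `last8[]` (declared above the hunk) is laid out for the little-endian byte order of `u16z[0]`, which should be confirmed against the table definition. If `u8z` and `u16z` alias `u64z` through pointer casts, as the declarations above the hunk suggest, the mixed-width accesses remain a strict-aliasing hazard that predates this change; a union would make the punning explicit. The enclosing function starts and ends outside the hunk.
```c
    for (i = 15; i > 0; i--) {
        mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
        rem = u8z[15];

        /* Shift the 128-bit value one byte towards u8z[15]; the direction of
         * the word shifts depends on host byte order. MBEDTLS_IS_BIG_ENDIAN
         * is expected to be a compile-time constant, so the compiler should
         * drop the dead branch. */
        if (MBEDTLS_IS_BIG_ENDIAN) {
            u64z[1] >>= 8;
            u8z[8] = u8z[7];
            u64z[0] >>= 8;
            /* last8[] is presumably laid out for little-endian u16 access;
             * read it byte-swapped on big-endian hosts. */
            u16z[0] ^= MBEDTLS_GET_UINT16_LE(&last8[rem], 0);
        } else {
            u64z[1] <<= 8;
            u8z[8] = u8z[7];
            u64z[0] <<= 8;
            u16z[0] ^= last8[rem];
        }
    }
    /* … unchanged: final XOR with H[x[0]] into output … */
```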
@@ -318,10 +335,8 @@
mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[hi], 16);
}
- MBEDTLS_PUT_UINT32_BE(u64z[0] >> 32, output, 0);
- MBEDTLS_PUT_UINT32_BE(u64z[0], output, 4);
- MBEDTLS_PUT_UINT32_BE(u64z[1] >> 32, output, 8);
- MBEDTLS_PUT_UINT32_BE(u64z[1], output, 12);
+ MBEDTLS_PUT_UINT64_BE(u64z[0], output, 0);
+ MBEDTLS_PUT_UINT64_BE(u64z[1], output, 8);
}
#endif
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index a21566c..5a61c3c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4950,45 +4950,6 @@
make CFLAGS='-O2 -Werror -Wall -Wextra'
- msg "test: default config + GCM_LARGETABLE - AESNI_C - AESCE_C"
- make test
-}
-
-component_test_gcm_largetable_gcc () {
- msg "build: default config + GCM_LARGETABLE - AESNI_C - AESCE_C"
- scripts/config.py set MBEDTLS_GCM_LARGETABLE
- scripts/config.py unset MBEDTLS_PADLOCK_C
- scripts/config.py unset MBEDTLS_AESNI_C
- scripts/config.py unset MBEDTLS_AESCE_C
-
- make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra'
-
- msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
- make test
-}
-
-component_test_gcm_smalltable () {
- msg "build: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
- scripts/config.py unset MBEDTLS_GCM_LARGETABLE
- scripts/config.py unset MBEDTLS_PADLOCK_C
- scripts/config.py unset MBEDTLS_AESNI_C
- scripts/config.py unset MBEDTLS_AESCE_C
-
- make CFLAGS='-O2 -Werror -Wall -Wextra'
-
- msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
- make test
-}
-
-component_test_gcm_smalltable_gcc () {
- msg "build: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
- scripts/config.py unset MBEDTLS_GCM_LARGETABLE
- scripts/config.py unset MBEDTLS_PADLOCK_C
- scripts/config.py unset MBEDTLS_AESNI_C
- scripts/config.py unset MBEDTLS_AESCE_C
-
- make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra'
-
msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
make test
}
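Review bot: The surviving `msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"` on the last lines of the hunk describes a build with GCM_LARGETABLE unset, but after the deletions it belongs to the component whose own test message (the deleted first line of the hunk) read `+ GCM_LARGETABLE`, so the log will now be misleading if that component sets MBEDTLS_GCM_LARGETABLE as its build steps above the hunk presumably do; it should read `msg "test: default config + GCM_LARGETABLE - AESNI_C - AESCE_C"`. Separately, deleting component_test_gcm_smalltable removes the only explicit build in this hunk of the software small-table path with PADLOCK/AESNI/AESCE unset; if no other component unsets the hardware backends, the default-table multiplication is now exercised only incidentally on hosts without hardware AES, which is worth confirming before dropping that test. The enclosing component function starts above the hunk.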