Fix:

- Remove unnecessary tests. - Update description of MBEDTLS_GCM_LARGETABLE parameter. - Move acceleration defines from gcm.h to gcm.c. - Remove unnecessary zero setting after shift. - Fix implementation for big-endian architectures. Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2025-07-30 22:43:08 +03:00 · 2024-02-08 13:54:48 +01:00
parent 0767fdadbf
commit 782667883a
4 changed files with 30 additions and 56 deletions
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@ -33,11 +33,6 @@
 #define MBEDTLS_GCM_ENCRYPT     1
 #define MBEDTLS_GCM_DECRYPT     0

-#define MBEDTLS_GCM_ACC_SMALLTABLE  0
-#define MBEDTLS_GCM_ACC_LARGETABLE  1
-#define MBEDTLS_GCM_ACC_AESNI       2
-#define MBEDTLS_GCM_ACC_AESCE       3
-
 /** Authenticated decryption failed. */
 #define MBEDTLS_ERR_GCM_AUTH_FAILED                       -0x0012
 /** Bad input parameters to function. */
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@ -2807,6 +2807,9 @@
 * Can significantly increase throughput on systems without GCM hardware
 * acceleration (e.g., AESNI, AESCE).
 *
+ * The mbedtls_gcm_context size will increase by 3840 bytes.
+ * The code size will increase by roughly 344 bytes.
+ *
 * Module:  library/gcm.c
 *
 * Requires: MBEDTLS_GCM_C
--- a/library/gcm.c
+++ b/library/gcm.c
@ -41,6 +41,12 @@

 #if !defined(MBEDTLS_GCM_ALT)

+/* Used to select the acceleration mechanism */
+#define MBEDTLS_GCM_ACC_SMALLTABLE  0
+#define MBEDTLS_GCM_ACC_LARGETABLE  1
+#define MBEDTLS_GCM_ACC_AESNI       2
+#define MBEDTLS_GCM_ACC_AESCE       3
+
 /*
 * Initialize a context
 */
@ -253,17 +259,28 @@ static void gcm_mult_largetable(uint8_t *output, const uint8_t *x, uint64_t H[25
    u64z[0] = 0;
    u64z[1] = 0;

-    for (i = 15; i > 0; i--) {
-        mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
+    if (MBEDTLS_IS_BIG_ENDIAN) {
+        for (i = 15; i > 0; i--) {
+            mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
+            rem = u8z[15];

-        rem = u8z[15];
+            u64z[1] >>= 8;
+            u8z[8] = u8z[7];
+            u64z[0] >>= 8;

-        u64z[1] <<= 8;
-        u8z[8] = u8z[7];
-        u64z[0] <<= 8;
+            u16z[0] ^= MBEDTLS_GET_UINT16_LE(&last8[rem], 0);
+        }
+    } else {
+        for (i = 15; i > 0; i--) {
+            mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[x[i]], 16);
+            rem = u8z[15];

-        u8z[0] = 0;
-        u16z[0] ^= last8[rem];
+            u64z[1] <<= 8;
+            u8z[8] = u8z[7];
+            u64z[0] <<= 8;
+
+            u16z[0] ^= last8[rem];
+        }
    }

    mbedtls_xor_no_simd(output, u8z, (uint8_t *) H[x[0]], 16);
@ -318,10 +335,8 @@ static void gcm_mult_smalltable(uint8_t *output, const uint8_t *x, uint64_t H[16
        mbedtls_xor_no_simd(u8z, u8z, (uint8_t *) H[hi], 16);
    }

-    MBEDTLS_PUT_UINT32_BE(u64z[0] >> 32, output, 0);
-    MBEDTLS_PUT_UINT32_BE(u64z[0], output, 4);
-    MBEDTLS_PUT_UINT32_BE(u64z[1] >> 32, output, 8);
-    MBEDTLS_PUT_UINT32_BE(u64z[1], output, 12);
+    MBEDTLS_PUT_UINT64_BE(u64z[0], output, 0);
+    MBEDTLS_PUT_UINT64_BE(u64z[1], output, 8);
 }
 #endif

--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@ -4950,45 +4950,6 @@ component_test_gcm_largetable () {

    make CFLAGS='-O2 -Werror -Wall -Wextra'

-    msg "test: default config + GCM_LARGETABLE - AESNI_C - AESCE_C"
-    make test
-}
-
-component_test_gcm_largetable_gcc () {
-    msg "build: default config + GCM_LARGETABLE - AESNI_C - AESCE_C"
-    scripts/config.py set MBEDTLS_GCM_LARGETABLE
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_AESCE_C
-
-    make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra'
-
-    msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
-    make test
-}
-
-component_test_gcm_smalltable () {
-    msg "build: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
-    scripts/config.py unset MBEDTLS_GCM_LARGETABLE
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_AESCE_C
-
-    make CFLAGS='-O2 -Werror -Wall -Wextra'
-
-    msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
-    make test
-}
-
-component_test_gcm_smalltable_gcc () {
-    msg "build: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
-    scripts/config.py unset MBEDTLS_GCM_LARGETABLE
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_AESCE_C
-
-    make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra'
-
    msg "test: default config - GCM_LARGETABLE - AESNI_C - AESCE_C"
    make test
 }