
Make the distinction between the state alignment and the rate
jedisct1 committed Jun 10, 2024
1 parent f0d4731 commit 8256461
Showing 13 changed files with 325 additions and 267 deletions.
96 changes: 53 additions & 43 deletions src/aegis128l/aegis128l_common.h
@@ -1,4 +1,5 @@
#define RATE 32
#define RATE 32
#define ALIGNMENT 32

static void
aegis128l_init(const uint8_t *key, const uint8_t *nonce, aes_block_t *const state)
Expand Down Expand Up @@ -145,10 +146,10 @@ static int
encrypt_detached(uint8_t *c, uint8_t *mac, size_t maclen, const uint8_t *m, size_t mlen,
const uint8_t *ad, size_t adlen, const uint8_t *npub, const uint8_t *k)
{
aes_block_t state[8];
CRYPTO_ALIGN(RATE) uint8_t src[RATE];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
size_t i;
aes_block_t state[8];
CRYPTO_ALIGN(ALIGNMENT) uint8_t src[RATE];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];
size_t i;

aegis128l_init(k, npub, state);

Expand Down Expand Up @@ -179,13 +180,13 @@ static int
decrypt_detached(uint8_t *m, const uint8_t *c, size_t clen, const uint8_t *mac, size_t maclen,
const uint8_t *ad, size_t adlen, const uint8_t *npub, const uint8_t *k)
{
aes_block_t state[8];
CRYPTO_ALIGN(RATE) uint8_t src[RATE];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
CRYPTO_ALIGN(16) uint8_t computed_mac[32];
const size_t mlen = clen;
size_t i;
int ret;
aes_block_t state[8];
CRYPTO_ALIGN(ALIGNMENT) uint8_t src[RATE];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];
CRYPTO_ALIGN(16) uint8_t computed_mac[32];
const size_t mlen = clen;
size_t i;
int ret;

aegis128l_init(k, npub, state);

Expand Down Expand Up @@ -231,10 +232,10 @@ decrypt_detached(uint8_t *m, const uint8_t *c, size_t clen, const uint8_t *mac,
static void
stream(uint8_t *out, size_t len, const uint8_t *npub, const uint8_t *k)
{
aes_block_t state[8];
CRYPTO_ALIGN(RATE) uint8_t src[RATE];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
size_t i;
aes_block_t state[8];
CRYPTO_ALIGN(ALIGNMENT) uint8_t src[RATE];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];
size_t i;

memset(src, 0, sizeof src);
if (npub == NULL) {
Expand All @@ -256,10 +257,10 @@ static void
encrypt_unauthenticated(uint8_t *c, const uint8_t *m, size_t mlen, const uint8_t *npub,
const uint8_t *k)
{
aes_block_t state[8];
CRYPTO_ALIGN(RATE) uint8_t src[RATE];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
size_t i;
aes_block_t state[8];
CRYPTO_ALIGN(ALIGNMENT) uint8_t src[RATE];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];
size_t i;

aegis128l_init(k, npub, state);

Expand Down Expand Up @@ -305,10 +306,11 @@ state_init(aegis128l_state *st_, const uint8_t *ad, size_t adlen, const uint8_t
const uint8_t *k)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
size_t i;

COMPILER_ASSERT((sizeof *st) + RATE <= sizeof *st_);
COMPILER_ASSERT((sizeof *st) + ALIGNMENT <= sizeof *st_);
st->mlen = 0;
st->pos = 0;

Expand All @@ -329,7 +331,8 @@ state_encrypt_update(aegis128l_state *st_, uint8_t *c, size_t clen_max, size_t *
const uint8_t *m, size_t mlen)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
size_t i = 0;
size_t left;

Expand Down Expand Up @@ -359,7 +362,7 @@ state_encrypt_update(aegis128l_state *st_, uint8_t *c, size_t clen_max, size_t *
return 0;
}
}
if (clen_max < (mlen & ~(size_t) (RATE - 1))) {
if (clen_max < (mlen & ~(size_t) (ALIGNMENT - 1))) {
errno = ERANGE;
return -1;
}
Expand All @@ -380,9 +383,10 @@ state_encrypt_detached_final(aegis128l_state *st_, uint8_t *c, size_t clen_max,
uint8_t *mac, size_t maclen)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
CRYPTO_ALIGN(RATE) uint8_t src[RATE];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
CRYPTO_ALIGN(ALIGNMENT) uint8_t src[RATE];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];

*written = 0;
if (clen_max < st->pos) {
Expand All @@ -407,9 +411,10 @@ state_encrypt_final(aegis128l_state *st_, uint8_t *c, size_t clen_max, size_t *w
size_t maclen)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
CRYPTO_ALIGN(RATE) uint8_t src[RATE];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
CRYPTO_ALIGN(ALIGNMENT) uint8_t src[RATE];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];

*written = 0;
if (clen_max < st->pos + maclen) {
Expand All @@ -434,10 +439,11 @@ state_decrypt_detached_update(aegis128l_state *st_, uint8_t *m, size_t mlen_max,
const uint8_t *c, size_t clen)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
size_t i = 0;
size_t left;
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];
size_t i = 0;
size_t left;

*written = 0;
st->mlen += clen;
Expand Down Expand Up @@ -495,10 +501,11 @@ static int
state_decrypt_detached_final(aegis128l_state *st_, uint8_t *m, size_t mlen_max, size_t *written,
const uint8_t *mac, size_t maclen)
{
CRYPTO_ALIGN(16) uint8_t computed_mac[32];
CRYPTO_ALIGN(RATE) uint8_t dst[RATE];
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
CRYPTO_ALIGN(16) uint8_t computed_mac[32];
CRYPTO_ALIGN(ALIGNMENT) uint8_t dst[RATE];
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
int ret;

*written = 0;
Expand Down Expand Up @@ -532,7 +539,8 @@ static int
state_mac_update(aegis128l_state *st_, const uint8_t *ad, size_t adlen)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
size_t i;
size_t left;

Expand Down Expand Up @@ -574,7 +582,8 @@ static int
state_mac_final(aegis128l_state *st_, uint8_t *mac, size_t maclen)
{
_aegis128l_state *const st =
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
(_aegis128l_state *) ((((uintptr_t) &st_->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
size_t left;

left = st->adlen % RATE;
Expand All @@ -591,9 +600,10 @@ static void
state_clone(aegis128l_state *dst, const aegis128l_state *src)
{
_aegis128l_state *const dst_ =
(_aegis128l_state *) ((((uintptr_t) &dst->opaque) + (RATE - 1)) & ~(uintptr_t) (RATE - 1));
(_aegis128l_state *) ((((uintptr_t) &dst->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
const _aegis128l_state *const src_ =
(const _aegis128l_state *) ((((uintptr_t) &src->opaque) + (RATE - 1)) &
~(uintptr_t) (RATE - 1));
(const _aegis128l_state *) ((((uintptr_t) &src->opaque) + (ALIGNMENT - 1)) &
~(uintptr_t) (ALIGNMENT - 1));
*dst_ = *src_;
}
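Review bot: The output-size check in state_encrypt_update, `if (clen_max < (mlen & ~(size_t) (ALIGNMENT - 1)))`, masks mlen down to whole absorbed blocks, which is a property of the rate and not of the state alignment, so it should stay `if (clen_max < (mlen & ~(size_t) (RATE - 1)))`. In this header RATE and ALIGNMENT are both 32, so behavior is unchanged today, but the point of the commit is to let the two diverge, and in any variant where ALIGNMENT != RATE this check would either reject valid calls or let an undersized ciphertext buffer reach the block loop; presumably the same substitution is worth re-checking in the other files of this commit. That hunk's enclosing function starts and ends outside it. It would also help to state the distinction once next to the macros, e.g. `/* RATE: bytes absorbed per block; ALIGNMENT: required alignment of the state and I/O buffers */`, so the two are not conflated again.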