mirrors/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2025-11-04 10:40:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

[CRYPTO] salsa20_generic: Fix multi-page processing

Browse source 
This patch fixes the multi-page processing bug that affects large test
vectors (the same bug that previously affected ctr.c).

There is an optimization for the case walk.nbytes == nbytes. Also we
now use crypto_xor() instead of adhoc XOR routines.

Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Tan Swee Heng 2007-12-07 16:38:45 +08:00 committed by Herbert Xu
parent 7f6813786a
commit eb6f13eb9f
1 changed files with 23 additions and 11 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

34
crypto/salsa20_generic.c
View file

@ -143,7 +143,6 @@ static void salsa20_encrypt_bytes(struct salsa20_ctx *ctx, u8 *dst,
const u8 *src, unsigned int bytes) const u8 *src, unsigned int bytes)
{ {
u8 buf[64]; u8 buf[64];
int i;
if (dst != src) if (dst != src)
memcpy(dst, src, bytes); memcpy(dst, src, bytes);
@ -156,15 +155,11 @@ static void salsa20_encrypt_bytes(struct salsa20_ctx *ctx, u8 *dst,
ctx->input[9] = PLUSONE(ctx->input[9]); ctx->input[9] = PLUSONE(ctx->input[9]);
if (bytes <= 64) { if (bytes <= 64) {
for (i = 0; i < bytes/4; ++i) crypto_xor(dst, buf, bytes);
((u32*)dst)[i] ^= ((u32*)buf)[i];
for (i = bytes - bytes % 4; i < bytes; ++i)
dst[i] ^= buf[i];
return; return;
} }
for (i = 0; i < 64/4; ++i) crypto_xor(dst, buf, 64);
((u32*)dst)[i] ^= ((u32*)buf)[i];
bytes -= 64; bytes -= 64;
dst += 64; dst += 64;
} }
@ -192,13 +187,30 @@ static int encrypt(struct blkcipher_desc *desc,
int err; int err;
blkcipher_walk_init(&walk, dst, src, nbytes); blkcipher_walk_init(&walk, dst, src, nbytes);
err = blkcipher_walk_virt(desc, &walk); err = blkcipher_walk_virt_block(desc, &walk, 64);
salsa20_ivsetup(ctx, walk.iv); salsa20_ivsetup(ctx, walk.iv);
salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
walk.src.virt.addr, nbytes);
err = blkcipher_walk_done(desc, &walk, 0); if (likely(walk.nbytes == nbytes))
{
salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
walk.src.virt.addr, nbytes);
return blkcipher_walk_done(desc, &walk, 0);
}
while (walk.nbytes >= 64) {
salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
walk.src.virt.addr,
walk.nbytes - (walk.nbytes % 64));
err = blkcipher_walk_done(desc, &walk, walk.nbytes % 64);
}
if (walk.nbytes) {
salsa20_encrypt_bytes(ctx, walk.dst.virt.addr,
walk.src.virt.addr, walk.nbytes);
err = blkcipher_walk_done(desc, &walk, 0);
}
return err; return err;
} }