Commit 9f01968

cyliangtwccli8
authored andcommitted
M467: GCM support one simple mode instead of using composite GHASH & CTR MODE
1 parent 9dc7cd2 commit 9f01968

1 file changed

+85
-0
lines changed

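--- a/connectivity/drivers/mbedtls/TARGET_NUVOTON/TARGET_M460/gcm/gcm_alt.c
+++ b/connectivity/drivers/mbedtls/TARGET_NUVOTON/TARGET_M460/gcm/gcm_alt.c
@@ -563,6 +563,90 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
 }
 
 
+//#define NVT_GCM_USE_GHASH_CTR_MODE
+
+#ifndef NVT_GCM_USE_GHASH_CTR_MODE
+/*
+* Apply GCM mode only for Decrypt, Encrypt & Tag
+*/
+int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
+int mode,
+size_t length,
+const unsigned char *iv,
+size_t iv_len,
+const unsigned char *add,
+size_t add_len,
+const unsigned char *input,
+unsigned char *output,
+size_t tag_len,
+unsigned char *tag )
+{
+int ret = MBEDTLS_ERR_GCM_AUTH_FAILED;
+
+GCM_VALIDATE_RET( ctx != NULL );
+GCM_VALIDATE_RET( iv != NULL );
+GCM_VALIDATE_RET( add_len == 0 || add != NULL );
+GCM_VALIDATE_RET( length == 0 || input != NULL );
+GCM_VALIDATE_RET( length == 0 || output != NULL );
+GCM_VALIDATE_RET( tag != NULL );
+
+if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
+return( ret );
+
+if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 )
+return( ret );
+
+if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 )
+return( ret );
+
+return( 0 );
+}
+
+int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
+size_t length,
+const unsigned char *iv,
+size_t iv_len,
+const unsigned char *add,
+size_t add_len,
+const unsigned char *tag,
+size_t tag_len,
+const unsigned char *input,
+unsigned char *output )
+{
+int ret = MBEDTLS_ERR_GCM_AUTH_FAILED;
+unsigned char check_tag[16];
+size_t i;
+int diff;
+
+GCM_VALIDATE_RET( ctx != NULL );
+GCM_VALIDATE_RET( iv != NULL );
+GCM_VALIDATE_RET( add_len == 0 || add != NULL );
+GCM_VALIDATE_RET( tag != NULL );
+GCM_VALIDATE_RET( length == 0 || input != NULL );
+GCM_VALIDATE_RET( length == 0 || output != NULL );
+
+if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length,
+iv, iv_len, add, add_len,
+input, output, tag_len, check_tag ) ) != 0 )
+{
+return( ret );
+}
+
+/* Check tag in "constant-time" */
+for( diff = 0, i = 0; i < tag_len; i++ )
+diff |= tag[i] ^ check_tag[i];
+
+if( diff != 0 )
+{
+mbedtls_platform_zeroize( output, length );
+return( MBEDTLS_ERR_GCM_AUTH_FAILED );
+}
+
+return( 0 );
+}
+
+#else /* NVT_GCM_USE_GHASH_CTR_MODE */
+
 /*
 * Apply GHASH & CTR mode for Tag calculation @GCMEnc
 */
@@ -1006,5 +1090,6 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
 }
 
 
+#endif /* NVT_GCM_USE_GHASH_CTR_MODE */
 #endif /* MBEDTLS_GCM_ALT */
 #endif /* MBEDTLS_GCM_C */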
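Review bot: In the new `mbedtls_gcm_auth_decrypt` (new lines 605-646), `check_tag` is a fixed 16-byte stack buffer, yet `tag_len` is forwarded unchecked to `mbedtls_gcm_crypt_and_tag` and then bounds the comparison loop. The function is therefore memory-safe only if the M460 `mbedtls_gcm_finish`, whose body lies above this hunk and is not visible here, rejects `tag_len > 16`. A local guard before the call, `if( tag_len > sizeof( check_tag ) ) return( MBEDTLS_ERR_GCM_BAD_INPUT );`, would remove that dependency on the hardware path. The computed tag also stays on the stack on every return path; adding `mbedtls_platform_zeroize( check_tag, sizeof( check_tag ) );` after the comparison would clear it. Finally, `output` is zeroized only on tag mismatch, so if `mbedtls_gcm_crypt_and_tag` fails after `mbedtls_gcm_update` has run, unauthenticated plaintext may be left in the caller's buffer.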
