From 060cc1315f784dc7b1d9b3b2da32f034e62f3c8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Wed, 6 Dec 2023 10:45:25 +0100
Subject: [PATCH] New helper function drbg_ctr_aes256_output.

---
 ChangeLog         |  4 ++++
 drbg-ctr-aes256.c | 47 +++++++++++++++++++++--------------------------
 2 files changed, 25 insertions(+), 26 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index ca50c7e2..08547f70 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,10 +1,14 @@
 2023-12-06  Niels Möller  <nisse@lysator.liu.se>
 
+	* drbg-ctr-aes256.c (drbg_ctr_aes256_output): New helper function.
+	(drbg_ctr_aes256_update, drbg_ctr_aes256_random): Use it.
+
 	From Simon Josefsson:
 	* drbg-ctr.h (struct drbg_ctr_aes256_ctx): New context struct.
 	(DRBG_CTR_AES256_SEED_SIZE): New constant.
 	* drbg-ctr-aes256.c (drbg_ctr_aes256_update)
 	(drbg_ctr_aes256_init, drbg_ctr_aes256_random): New file, new functions.
+
 	* testsuite/drbg-ctr-aes256-test.c: New testcase.
 	* nettle.texinfo (Randomness): Document DRBG-CTR.
 
diff --git a/drbg-ctr-aes256.c b/drbg-ctr-aes256.c
index 9a7badd6..a62b62ec 100644
--- a/drbg-ctr-aes256.c
+++ b/drbg-ctr-aes256.c
@@ -40,6 +40,25 @@
 #include "memxor.h"
 #include "block-internal.h"
 
+static void
+drbg_ctr_aes256_output (const struct aes256_ctx *key, union nettle_block16 *V,
+			size_t n, uint8_t *dst)
+{
+  for (; n >= AES_BLOCK_SIZE; n -= AES_BLOCK_SIZE, dst += AES_BLOCK_SIZE)
+    {
+      INCREMENT(AES_BLOCK_SIZE, V->b);
+      aes256_encrypt (key, AES_BLOCK_SIZE, dst, V->b);
+    }
+  if (n > 0)
+    {
+      union nettle_block16 block;
+
+      INCREMENT(AES_BLOCK_SIZE, V->b);
+      aes256_encrypt (key, AES_BLOCK_SIZE, block.b, V->b);
+      memcpy (dst, block.b, n);
+    }
+}
+
 /* provided_data is either NULL or a pointer to
    DRBG_CTR_AES256_SEED_SIZE (= 48) bytes. */
 static void
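Review bot: The new helper has no comment stating its contract, although two callers now depend on it; I would put above the definition `/* Writes n bytes of CTR-mode output to dst, incrementing V before each block. V is advanced in place; a trailing partial block is generated into a temporary and truncated to the remaining bytes. */`. The temporary `block` in the partial-block branch still holds the unused tail of that keystream block when the function returns, as the code it replaces also did; whether that stack residue is acceptable is a project-wide policy question rather than something this commit introduces, so a one-line comment noting it is deliberate (or a clear of `block` before return) would settle it for the next reader.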
@@ -47,15 +66,7 @@ drbg_ctr_aes256_update (struct aes256_ctx *key,
 			union nettle_block16 *V, const uint8_t *provided_data)
 {
   union nettle_block16 tmp[3];
-
-  INCREMENT (AES_BLOCK_SIZE, V->b);
-  aes256_encrypt (key, AES_BLOCK_SIZE, tmp[0].b, V->b);
-
-  INCREMENT (AES_BLOCK_SIZE, V->b);
-  aes256_encrypt (key, AES_BLOCK_SIZE, tmp[1].b, V->b);
-
-  INCREMENT (AES_BLOCK_SIZE, V->b);
-  aes256_encrypt (key, AES_BLOCK_SIZE, tmp[2].b, V->b);
+  drbg_ctr_aes256_output (key, V, DRBG_CTR_AES256_SEED_SIZE, tmp[0].b);
 
   if (provided_data)
     memxor (tmp[0].b, provided_data, DRBG_CTR_AES256_SEED_SIZE);
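Review bot: The replaced call writes DRBG_CTR_AES256_SEED_SIZE bytes through `tmp[0].b`, a pointer to the 16-byte member array of the first element, so the write runs into tmp[1] and tmp[2]; the storage is contiguous so this works in practice, but nothing ties the two sizes together, and a future change to the constant or the array length would silently overrun. A compile-time or debug assertion such as `assert (sizeof (tmp) == DRBG_CTR_AES256_SEED_SIZE);` next to the declaration would pin the invariant. The rest of drbg_ctr_aes256_update continues outside the hunk.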
@@ -79,22 +90,6 @@ void
 drbg_ctr_aes256_random (struct drbg_ctr_aes256_ctx *ctx,
 			size_t n, uint8_t *dst)
 {
-  while (n >= AES_BLOCK_SIZE)
-    {
-      INCREMENT (AES_BLOCK_SIZE, ctx->V.b);
-      aes256_encrypt (&ctx->key, AES_BLOCK_SIZE, dst, ctx->V.b);
-      dst += AES_BLOCK_SIZE;
-      n -= AES_BLOCK_SIZE;
-    }
-
-  if (n > 0)
-    {
-      union nettle_block16 block;
-
-      INCREMENT (AES_BLOCK_SIZE, ctx->V.b);
-      aes256_encrypt (&ctx->key, AES_BLOCK_SIZE, block.b, ctx->V.b);
-      memcpy (dst, block.b, n);
-    }
-
+  drbg_ctr_aes256_output (&ctx->key, &ctx->V, n, dst);
   drbg_ctr_aes256_update (&ctx->key, &ctx->V, NULL);
 }
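Review bot: The request length `n` is forwarded to drbg_ctr_aes256_output unchecked, so a single call can emit arbitrarily many blocks under one V before the update on the following line. SP 800-90A bounds the output of one CTR_DRBG generate request (2^19 bits for AES-based instantiations, if I recall correctly); if the public function is meant to be used as a spec-conformant generate, either the header should document the per-request limit the caller must observe or the function should reject or split oversized requests. This is pre-existing behavior that the refactor preserves, so a comment at the call site recording the intended policy would suffice for this commit.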
-- 
GitLab