From 140156d1e44867212f4ebd691db2dc5efe41a15c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Mon, 8 Jan 2018 08:06:18 +0100
Subject: [PATCH] Tweaks for in-place cbc, cfb and gcm.

* cbc.c (cbc_decrypt): For in-place operation (src == dst case),
eliminate use of src variable.
* cfb.c (cfb_decrypt): Likewise.
* gcm.c (gcm_crypt): Likewise, and replace one memxor3 by memxor.
---
 ChangeLog |  7 +++++++
 cbc.c     | 15 +++++++--------
 cfb.c     |  5 ++---
 gcm.c     |  2 +-
 4 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 24f0cc1a..0793ce7c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2018-01-08  Niels Möller  <nisse@lysator.liu.se>
+
+	* cbc.c (cbc_decrypt): For in-place operation (src == dst case),
+	eliminate use of src variable.
+	* cfb.c (cfb_decrypt): Likewise.
+	* gcm.c (gcm_crypt): Likewise, and replace one memxor3 by memxor.
+
 2018-01-03  Niels Möller  <nisse@lysator.liu.se>
 
 	* x86_64/aesni/aes-encrypt-internal.asm: Read subkeys into xmm
diff --git a/cbc.c b/cbc.c
index 85ad255c..76b6492d 100644
--- a/cbc.c
+++ b/cbc.c
@@ -109,23 +109,22 @@ cbc_decrypt(const void *ctx, nettle_cipher_func *f,
       TMP_ALLOC(buffer, buffer_size);
       TMP_ALLOC(initial_iv, block_size);
 
-      for ( ; length > buffer_size;
-	    length -= buffer_size, src += buffer_size, dst += buffer_size)
+      for ( ; length > buffer_size; length -= buffer_size, dst += buffer_size)
 	{
-	  f(ctx, buffer_size, buffer, src);
+	  f(ctx, buffer_size, buffer, dst);
 	  memcpy(initial_iv, iv, block_size);
-	  memcpy(iv, src + buffer_size - block_size, block_size);
-	  memxor3(dst + block_size, buffer + block_size, src,
+	  memcpy(iv, dst + buffer_size - block_size, block_size);
+	  memxor3(dst + block_size, buffer + block_size, dst,
 		  buffer_size - block_size);
 	  memxor3(dst, buffer, initial_iv, block_size);
 	}
 
-      f(ctx, length, buffer, src);
+      f(ctx, length, buffer, dst);
       memcpy(initial_iv, iv, block_size);
       /* Copies last block */
-      memcpy(iv, src + length - block_size, block_size);
+      memcpy(iv, dst + length - block_size, block_size);
       /* Writes all but first block, reads all but last block. */
-      memxor3(dst + block_size, buffer + block_size, src,
+      memxor3(dst + block_size, buffer + block_size, dst,
 	      length - block_size);
       /* Writes first block. */
       memxor3(dst, buffer, initial_iv, block_size);
diff --git a/cfb.c b/cfb.c
index 82cf18f4..805b8c45 100644
--- a/cfb.c
+++ b/cfb.c
@@ -147,12 +147,11 @@ cfb_decrypt(const void *ctx, nettle_cipher_func *f,
 	   * not less than block_size. So does part */
 
 	  f(ctx, block_size, buffer, iv);
-	  f(ctx, part - block_size, buffer + block_size, src);
-	  memcpy(iv, src + part - block_size, block_size);
+	  f(ctx, part - block_size, buffer + block_size, dst);
+	  memcpy(iv, dst + part - block_size, block_size);
 	  memxor(dst, buffer, part);
 
 	  length -= part;
-	  src += part;
 	  dst += part;
 	}
 
diff --git a/gcm.c b/gcm.c
index d3e30113..0a2102f1 100644
--- a/gcm.c
+++ b/gcm.c
@@ -458,7 +458,7 @@ gcm_crypt(struct gcm_ctx *ctx, const void *cipher, nettle_cipher_func *f,
 	    src += GCM_BLOCK_SIZE, dst += GCM_BLOCK_SIZE))
         {
           f (cipher, GCM_BLOCK_SIZE, buffer, ctx->ctr.b);
-          memxor3 (dst, src, buffer, GCM_BLOCK_SIZE);
+          memxor (dst, buffer, GCM_BLOCK_SIZE);
           INC32 (ctx->ctr);
         }
     }
-- 
GitLab