modes/gcm128.c: harmonize ctx->ghash assignment, shortcut *_ctr32

in OPENSSL_SMALL_FOOTPRINT build, remove undesired reformat artefact and inconsistency in pre-processor logic. Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-25 15:48:42 +01:00 · 2015-01-25 15:48:42 +01:00 · 2e635aa81c
commit 2e635aa81c
parent b2991c081a
1 changed files with 104 additions and 118 deletions
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c
@ -148,9 +148,7 @@ static void gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256])
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    static const size_t rem_8bit[256] = {
        PACK(0x0000), PACK(0x01C2), PACK(0x0384), PACK(0x0246),
        PACK(0x0708), PACK(0x06CA), PACK(0x048C), PACK(0x054E),
@ -319,9 +317,7 @@ static void gcm_init_4bit(u128 Htable[16], u64 H[2])
        const union {
            long one;
            char little;
-        } is_endian = {
-            1
-        };
+        } is_endian = { 1 };

        if (is_endian.little)
            for (j = 0; j < 16; ++j) {
@ -354,9 +350,7 @@ static void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16])
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };

    nlo = ((const u8 *)Xi)[15];
    nhi = nlo >> 4;
@ -435,9 +429,7 @@ static void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16],
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };

 #   if 1
    do {
@ -627,9 +619,7 @@ static void gcm_gmult_1bit(u64 Xi[2], const u64 H[2])
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };

    V.hi = H[0];                /* H is in host byte order, no byte swapping */
    V.lo = H[1];
@ -772,9 +762,7 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };

    memset(ctx, 0, sizeof(*ctx));
    ctx->block = block;
@ -799,6 +787,11 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
 #if     TABLE_BITS==8
    gcm_init_8bit(ctx->Htable, ctx->H.u);
 #elif   TABLE_BITS==4
+# if    defined(GHASH)
+#  define CTX__GHASH(f) (ctx->ghash = (f))
+# else
+#  define CTX__GHASH(f) (ctx->ghash = NULL)
+# endif
 # if    defined(GHASH_ASM_X86_OR_64)
 #  if   !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2)
    if (OPENSSL_ia32cap_P[0] & (1 << 24) && /* check FXSR bit */
@ -806,11 +799,11 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
        if (((OPENSSL_ia32cap_P[1] >> 22) & 0x41) == 0x41) { /* AVX+MOVBE */
            gcm_init_avx(ctx->Htable, ctx->H.u);
            ctx->gmult = gcm_gmult_avx;
-            ctx->ghash = gcm_ghash_avx;
+            CTX__GHASH(gcm_ghash_avx);
        } else {
            gcm_init_clmul(ctx->Htable, ctx->H.u);
            ctx->gmult = gcm_gmult_clmul;
-            ctx->ghash = gcm_ghash_clmul;
+            CTX__GHASH(gcm_ghash_clmul);
        }
        return;
    }
@ -823,66 +816,59 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
    if (OPENSSL_ia32cap_P[0] & (1 << 23)) { /* check MMX bit */
 #   endif
        ctx->gmult = gcm_gmult_4bit_mmx;
-        ctx->ghash = gcm_ghash_4bit_mmx;
+        CTX__GHASH(gcm_ghash_4bit_mmx);
    } else {
        ctx->gmult = gcm_gmult_4bit_x86;
-        ctx->ghash = gcm_ghash_4bit_x86;
+        CTX__GHASH(gcm_ghash_4bit_x86);
    }
 #  else
    ctx->gmult = gcm_gmult_4bit;
-    ctx->ghash = gcm_ghash_4bit;
+    CTX__GHASH(gcm_ghash_4bit);
 #  endif
 # elif  defined(GHASH_ASM_ARM)
 #  ifdef PMULL_CAPABLE
    if (PMULL_CAPABLE) {
        gcm_init_v8(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_v8;
-        ctx->ghash = gcm_ghash_v8;
+        CTX__GHASH(gcm_ghash_v8);
    } else
 #  endif
 #  ifdef NEON_CAPABLE
    if (NEON_CAPABLE) {
        gcm_init_neon(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_neon;
-        ctx->ghash = gcm_ghash_neon;
+        CTX__GHASH(gcm_ghash_neon);
    } else
 #  endif
    {
        gcm_init_4bit(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_4bit;
-#  if defined(GHASH)
-        ctx->ghash = gcm_ghash_4bit;
-#  else
-        ctx->ghash = NULL;
-#  endif
+        CTX__GHASH(gcm_ghash_4bit);
    }
 # elif  defined(GHASH_ASM_SPARC)
    if (OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3) {
        gcm_init_vis3(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_vis3;
-        ctx->ghash = gcm_ghash_vis3;
+        CTX__GHASH(gcm_ghash_vis3);
    } else {
        gcm_init_4bit(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_4bit;
-        ctx->ghash = gcm_ghash_4bit;
+        CTX__GHASH(gcm_ghash_4bit);
    }
 # elif  defined(GHASH_ASM_PPC)
    if (OPENSSL_ppccap_P & PPC_CRYPTO207) {
        gcm_init_p8(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_p8;
-        ctx->ghash = gcm_ghash_p8;
+        CTX__GHASH(gcm_ghash_p8);
    } else {
        gcm_init_4bit(ctx->Htable, ctx->H.u);
        ctx->gmult = gcm_gmult_4bit;
-#  if defined(GHASH)
-        ctx->ghash = gcm_ghash_4bit;
-#  else
-        ctx->ghash = NULL;
-#  endif
+        CTX__GHASH(gcm_ghash_4bit);
    }
 # else
    gcm_init_4bit(ctx->Htable, ctx->H.u);
 # endif
+# undef CTX__GHASH
 #endif
 }

@ -892,9 +878,7 @@ void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    unsigned int ctr;
 #ifdef GCM_FUNCREF_4BIT
    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
@ -1038,9 +1022,7 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    unsigned int n, ctr;
    size_t i;
    u64 mlen = ctx->len.u[1];
@ -1048,7 +1030,7 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
    void *key = ctx->key;
 #ifdef GCM_FUNCREF_4BIT
    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
+# if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
                         const u8 *inp, size_t len) = ctx->ghash;
 # endif
@ -1098,7 +1080,8 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
            if (((size_t)in | (size_t)out) % sizeof(size_t) != 0)
                break;
 # endif
-# if defined(GHASH) && defined(GHASH_CHUNK)
+# if defined(GHASH)
+#  if defined(GHASH_CHUNK)
            while (len >= GHASH_CHUNK) {
                size_t j = GHASH_CHUNK;

@ -1125,6 +1108,7 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
                GHASH(ctx, out - GHASH_CHUNK, GHASH_CHUNK);
                len -= GHASH_CHUNK;
            }
+#  endif
            if ((i = (len & (size_t)-16))) {
                size_t j = i;

@ -1225,9 +1209,7 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    unsigned int n, ctr;
    size_t i;
    u64 mlen = ctx->len.u[1];
@ -1235,7 +1217,7 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
    void *key = ctx->key;
 #ifdef GCM_FUNCREF_4BIT
    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
+# if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
                         const u8 *inp, size_t len) = ctx->ghash;
 # endif
@ -1284,7 +1266,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
            if (((size_t)in | (size_t)out) % sizeof(size_t) != 0)
                break;
 # endif
-# if defined(GHASH) && defined(GHASH_CHUNK)
+# if defined(GHASH)
+#  if defined(GHASH_CHUNK)
            while (len >= GHASH_CHUNK) {
                size_t j = GHASH_CHUNK;

@ -1311,6 +1294,7 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
                }
                len -= GHASH_CHUNK;
            }
+#  endif
            if ((i = (len & (size_t)-16))) {
                GHASH(ctx, in, i);
                while (len >= 16) {
@ -1414,12 +1398,13 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
                                const unsigned char *in, unsigned char *out,
                                size_t len, ctr128_f stream)
 {
+#if defined(OPENSSL_SMALL_FOOTPRINT)
+    return CRYPTO_gcm128_encrypt(ctx, in, out, len);
+#else
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    unsigned int n, ctr;
    size_t i;
    u64 mlen = ctx->len.u[1];
@ -1466,7 +1451,7 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
            return 0;
        }
    }
-#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
+# if defined(GHASH) && defined(GHASH_CHUNK)
    while (len >= GHASH_CHUNK) {
        (*stream) (in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
        ctr += GHASH_CHUNK / 16;
@ -1530,18 +1515,20 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,

    ctx->mres = n;
    return 0;
+#endif
 }

 int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
                                const unsigned char *in, unsigned char *out,
                                size_t len, ctr128_f stream)
 {
+#if defined(OPENSSL_SMALL_FOOTPRINT)
+    return CRYPTO_gcm128_decrypt(ctx, in, out, len);
+#else
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    unsigned int n, ctr;
    size_t i;
    u64 mlen = ctx->len.u[1];
@ -1590,7 +1577,7 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
            return 0;
        }
    }
-#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
+# if defined(GHASH) && defined(GHASH_CHUNK)
    while (len >= GHASH_CHUNK) {
        GHASH(ctx, in, GHASH_CHUNK);
        (*stream) (in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
@ -1659,6 +1646,7 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,

    ctx->mres = n;
    return 0;
+#endif
 }

 int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
@ -1667,9 +1655,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
    const union {
        long one;
        char little;
-    } is_endian = {
-        1
-    };
+    } is_endian = { 1 };
    u64 alen = ctx->len.u[0] << 3;
    u64 clen = ctx->len.u[1] << 3;
 #ifdef GCM_FUNCREF_4BIT