Split mbedtls_gcm_init() -> gcm_setkey()

ChangeLog

@@ -16,6 +16,7 @@ API Changes
    * The following _init() functions that could return errors have
      been split into an _init() that returns void and another function:
      mbedtls_ccm_init() -> mbedtls_ccm_setkey()
+     mbedtls_gcm_init() -> mbedtls_gcm_setkey()
    * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
      return void.
    * ecdsa_write_signature() gained an addtional md_alg argument and

include/mbedtls/gcm.h

@@ -54,6 +54,15 @@ typedef struct {
 }
 mbedtls_gcm_context;
 
+/**
+ * \brief           Initialize GCM context (just makes references valid)
+ *                  Makes the context ready for mbedtls_gcm_setkey() or
+ *                  mbedtls_gcm_free().
+ *
+ * \param ctx       GCM context to initialize
+ */
+void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
+
 /**
  * \brief           GCM initialization (encryption)
  *
@@ -64,8 +73,10 @@ mbedtls_gcm_context;
  *
  * \return          0 if successful, or a cipher specific error code
  */
-int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
-              unsigned int keysize );
+int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keysize );
 
 /**
  * \brief           GCM buffer encryption/decryption using a block cipher

library/cipher_wrap.c

@@ -332,7 +332,7 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = {
 static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key,
                                 unsigned int key_length )
 {
-    return mbedtls_gcm_init( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
+    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
                      key, key_length );
 }
 
@@ -689,7 +689,7 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = {
 static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
                                      unsigned int key_length )
 {
-    return mbedtls_gcm_init( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
+    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
                      key, key_length );
 }
 

library/gcm.c

@@ -83,6 +83,14 @@ static void mbedtls_zeroize( void *v, size_t n ) {
     volatile unsigned char *p = v; while( n-- ) *p++ = 0;
 }
 
+/*
+ * Initialize a context
+ */
+void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_gcm_context ) );
+}
+
 /*
  * Precompute small multiples of H, that is set
  *      HH[i] || HL[i] = H times i,
@@ -151,8 +159,10 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx )
     return( 0 );
 }
 
-int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
-              unsigned int keysize )
+int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keysize )
 {
     int ret;
     const mbedtls_cipher_info_t *cipher_info;
@@ -736,6 +746,8 @@ int mbedtls_gcm_self_test( int verbose )
     int i, j, ret;
     mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
 
+    mbedtls_gcm_init( &ctx );
+
     for( j = 0; j < 3; j++ )
     {
         int key_len = 128 + 64 * j;
@@ -746,7 +758,7 @@ int mbedtls_gcm_self_test( int verbose )
                 mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
                                  key_len, i, "enc" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
                                      pt_len[i],
@@ -773,7 +785,7 @@ int mbedtls_gcm_self_test( int verbose )
                 mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
                                  key_len, i, "dec" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
                                      pt_len[i],
@@ -800,7 +812,7 @@ int mbedtls_gcm_self_test( int verbose )
                 mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
                                  key_len, i, "enc" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
                               iv[iv_index[i]], iv_len[i],
@@ -867,7 +879,7 @@ int mbedtls_gcm_self_test( int verbose )
                 mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
                                  key_len, i, "dec" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
                               iv[iv_index[i]], iv_len[i],

programs/test/benchmark.c

@@ -412,13 +412,15 @@ int main( int argc, char *argv[] )
     {
         int keysize;
         mbedtls_gcm_context gcm;
+
+        mbedtls_gcm_init( &gcm );
         for( keysize = 128; keysize <= 256; keysize += 64 )
         {
             mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
 
             memset( buf, 0, sizeof( buf ) );
             memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_gcm_init( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
+            mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
 
             TIME_AND_TSC( title,
                     mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,

tests/suites/test_suite_gcm.function

@@ -26,6 +26,8 @@ void gcm_encrypt_and_tag( int cipher_id,
     unsigned int key_len;
     size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
 
+    mbedtls_gcm_init( &ctx );
+
     memset(key_str, 0x00, 128);
     memset(src_str, 0x00, 128);
     memset(dst_str, 0x00, 257);
@@ -40,7 +42,7 @@ void gcm_encrypt_and_tag( int cipher_id,
     iv_len = unhexify( iv_str, hex_iv_string );
     add_len = unhexify( add_str, hex_add_string );
 
-    TEST_ASSERT( mbedtls_gcm_init( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
+    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
     if( init_result == 0 )
     {
         TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, pt_len, iv_str, iv_len, add_str, add_len, src_str, output, tag_len, tag_output ) == 0 );
@@ -75,6 +77,8 @@ void gcm_decrypt_and_verify( int cipher_id,
     size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
     int ret;
 
+    mbedtls_gcm_init( &ctx );
+
     memset(key_str, 0x00, 128);
     memset(src_str, 0x00, 128);
     memset(dst_str, 0x00, 257);
@@ -89,7 +93,7 @@ void gcm_decrypt_and_verify( int cipher_id,
     add_len = unhexify( add_str, hex_add_string );
     unhexify( tag_str, hex_tag_string );
 
-    TEST_ASSERT( mbedtls_gcm_init( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
+    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
     if( init_result == 0 )
     {
         ret = mbedtls_gcm_auth_decrypt( &ctx, pt_len, iv_str, iv_len, add_str, add_len, tag_str, tag_len, src_str, output );