Diffstat (limited to 'crypto')
-rw-r--r--crypto/src/crypto/digests/GOST3411_2012Digest.cs23
-rw-r--r--crypto/src/crypto/digests/Haraka256Digest.cs13
-rw-r--r--crypto/src/crypto/digests/Haraka512Digest.cs20
-rw-r--r--crypto/src/crypto/digests/HarakaBase.cs35
-rw-r--r--crypto/src/crypto/engines/AriaEngine.cs5
-rw-r--r--crypto/src/crypto/engines/SM2Engine.cs22
-rw-r--r--crypto/src/crypto/modes/OCBBlockCipher.cs5
-rw-r--r--crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs47
-rw-r--r--crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs21
9 files changed, 51 insertions, 140 deletions
diff --git a/crypto/src/crypto/digests/GOST3411_2012Digest.cs b/crypto/src/crypto/digests/GOST3411_2012Digest.cs
index 259f4bcae..a2550ec4f 100644
--- a/crypto/src/crypto/digests/GOST3411_2012Digest.cs
+++ b/crypto/src/crypto/digests/GOST3411_2012Digest.cs
@@ -363,41 +363,38 @@ namespace Org.BouncyCastle.Crypto.Digests
             V[56] = (byte)(r);
         }
 
-        private void xor512(byte[] A, byte[] B)
+        private static void Xor512(byte[] A, byte[] B)
         {
-            for (int i = 0; i < 64; ++i)
-            {
-                A[i] ^= B[i];
-            }
+            Bytes.XorTo(64, B, A);
         }
 
         private void E(byte[] K, byte[] m)
         {
             Array.Copy(K, 0, Ki, 0, 64);
-            xor512(K, m);
+            Xor512(K, m);
             F(K);
             for (int i = 0; i < 11; ++i)
             {
-                xor512(Ki, C[i]);
+                Xor512(Ki, C[i]);
                 F(Ki);
-                xor512(K, Ki);
+                Xor512(K, Ki);
                 F(K);
             }
-            xor512(Ki, C[11]);
+            Xor512(Ki, C[11]);
             F(Ki);
-            xor512(K, Ki);
+            Xor512(K, Ki);
         }
 
         private void g_N(byte[] h, byte[] N, byte[] m)
         {
             Array.Copy(h, 0, tmp, 0, 64);
 
-            xor512(h, N);
+            Xor512(h, N);
             F(h);
 
             E(h, m);
-            xor512(h, tmp);
-            xor512(h, m);
+            Xor512(h, tmp);
+            Xor512(h, m);
         }
 
         private void addMod512(byte[] A, int num)
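Review bot: The new `Xor512(A, B)` still mutates its first argument while the `Bytes.XorTo(64, B, A)` it wraps takes the destination last, so the two call shapes read in opposite directions and a future caller could easily swap them; a one-line doc comment on the wrapper would make this explicit: `/// <summary>A ^= B over 64 bytes; note Bytes.XorTo takes (len, source, dest).</summary>`. That ordering is inferred from the other hunks in this diff (AriaEngine, where `Bytes.XorTo(16, x, z)` replaces `z[i] ^= x[i]`), so confirm it against Bytes itself. The renamed helper is also now the only PascalCase static one next to `E`, `g_N` and `addMod512`, which the hunk leaves as they were. The enclosing class continues outside the hunk.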
diff --git a/crypto/src/crypto/digests/Haraka256Digest.cs b/crypto/src/crypto/digests/Haraka256Digest.cs
index efbaa81e2..6f4a48845 100644
--- a/crypto/src/crypto/digests/Haraka256Digest.cs
+++ b/crypto/src/crypto/digests/Haraka256Digest.cs
@@ -1,5 +1,7 @@
 using System;
 
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Digests
 {
     public sealed class Haraka256Digest
@@ -140,8 +142,8 @@ namespace Org.BouncyCastle.Crypto.Digests
             s1[1] = AesEnc(s1[1], RC[19]);
             Mix256(s1, s2);
 
-            Xor(s2[0], msg      , output[  ..16]);
-            Xor(s2[1], msg[16..], output[16..32]);
+            Bytes.Xor(16, s2[0], msg      , output);
+            Bytes.Xor(16, s2[1], msg[16..], output[16..]);
 
             return DIGEST_SIZE;
         }
@@ -188,11 +190,8 @@ namespace Org.BouncyCastle.Crypto.Digests
             s1[1] = AesEnc(s1[1], RC[19]);
             Mix256(s1, s2);
 
-            s1[0] = Xor(s2[0], msg,  0);
-            s1[1] = Xor(s2[1], msg, 16);
-
-            Array.Copy(s1[0], 0, output, outOff     , 16);
-            Array.Copy(s1[1], 0, output, outOff + 16, 16);
+            Bytes.Xor(16, s2[0], 0, msg,  0, output, outOff);
+            Bytes.Xor(16, s2[1], 0, msg, 16, output, outOff + 16);
 
             return DIGEST_SIZE;
         }
diff --git a/crypto/src/crypto/digests/Haraka512Digest.cs b/crypto/src/crypto/digests/Haraka512Digest.cs
index 4c9794bac..a117f5ba0 100644
--- a/crypto/src/crypto/digests/Haraka512Digest.cs
+++ b/crypto/src/crypto/digests/Haraka512Digest.cs
@@ -1,5 +1,7 @@
 using System;
 
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Digests
 {
     public sealed class Haraka512Digest
@@ -166,10 +168,10 @@ namespace Org.BouncyCastle.Crypto.Digests
             s1[3] = AesEnc(s1[3], RC[39]);
             Mix512(s1, s2);
 
-            Xor(s2[0], msg, s1[0]);
-            Xor(s2[1], msg[16..], s1[1]);
-            Xor(s2[2], msg[32..], s1[2]);
-            Xor(s2[3], msg[48..], s1[3]);
+            Bytes.Xor(16, s2[0], msg      , s1[0]);
+            Bytes.Xor(16, s2[1], msg[16..], s1[1]);
+            Bytes.Xor(16, s2[2], msg[32..], s1[2]);
+            Bytes.Xor(16, s2[3], msg[48..], s1[3]);
 
             s1[0].AsSpan(8, 8).CopyTo(output);
             s1[1].AsSpan(8, 8).CopyTo(output[8..]);
@@ -192,7 +194,7 @@ namespace Org.BouncyCastle.Crypto.Digests
             s2[2] = new byte[16];
             s2[3] = new byte[16];
 
-            Array.Copy(msg, 0, s1[0], 0, 16);
+            Array.Copy(msg,  0, s1[0], 0, 16);
             Array.Copy(msg, 16, s1[1], 0, 16);
             Array.Copy(msg, 32, s1[2], 0, 16);
             Array.Copy(msg, 48, s1[3], 0, 16);
@@ -247,10 +249,10 @@ namespace Org.BouncyCastle.Crypto.Digests
             s1[3] = AesEnc(s1[3], RC[39]);
             Mix512(s1, s2);
 
-            s1[0] = Xor(s2[0], msg, 0);
-            s1[1] = Xor(s2[1], msg, 16);
-            s1[2] = Xor(s2[2], msg, 32);
-            s1[3] = Xor(s2[3], msg, 48);
+            Bytes.Xor(16, s2[0], 0, msg,  0, s1[0], 0);
+            Bytes.Xor(16, s2[1], 0, msg, 16, s1[1], 0);
+            Bytes.Xor(16, s2[2], 0, msg, 32, s1[2], 0);
+            Bytes.Xor(16, s2[3], 0, msg, 48, s1[3], 0);
 
             Array.Copy(s1[0], 8, output, outOff, 8);
             Array.Copy(s1[1], 8, output, outOff + 8, 8);
diff --git a/crypto/src/crypto/digests/HarakaBase.cs b/crypto/src/crypto/digests/HarakaBase.cs
index 1ca688914..661f140c4 100644
--- a/crypto/src/crypto/digests/HarakaBase.cs
+++ b/crypto/src/crypto/digests/HarakaBase.cs
@@ -1,5 +1,7 @@
 using System;
 
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Digests
 {
     public abstract class HarakaBase
@@ -102,7 +104,7 @@ namespace Org.BouncyCastle.Crypto.Digests
             s = SubBytes(s);
             s = ShiftRows(s);
             s = MixColumns(s);
-            XorTo(rk, s);
+            Bytes.XorTo(16, rk, s);
             return s;
         }
 
@@ -111,37 +113,6 @@ namespace Org.BouncyCastle.Crypto.Digests
             return (byte)(((p & 0x7F) << 1) ^ (((uint)p >> 7) * 0x1BU));
         }
 
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
-        internal static void Xor(ReadOnlySpan<byte> x, ReadOnlySpan<byte> y, Span<byte> z)
-        {
-            for (int i = 0; i < z.Length; i++)
-            {
-                z[i] = (byte)(x[i] ^ y[i]);
-            }
-        }
-#else
-        internal static byte[] Xor(byte[] x, byte[] y, int yStart)
-        {
-            byte[] output = new byte[16];
-            for (int i = 0; i < output.Length; i++)
-            {
-                output[i] = (byte)(x[i] ^ y[yStart++]);
-            }
-            return output;
-        }
-#endif
-
-        private static void XorTo(byte[] x, byte[] z)
-        {
-            for (int i = 0; i < 16; i += 4)
-            {
-                z[i + 0] ^= x[i + 0];
-                z[i + 1] ^= x[i + 1];
-                z[i + 2] ^= x[i + 2];
-                z[i + 3] ^= x[i + 3];
-            }
-        }
-
         private static byte[] MixColumns(byte[] s)
         {
             byte[] output = new byte[s.Length];
diff --git a/crypto/src/crypto/engines/AriaEngine.cs b/crypto/src/crypto/engines/AriaEngine.cs
index c52fd30bf..06e354809 100644
--- a/crypto/src/crypto/engines/AriaEngine.cs
+++ b/crypto/src/crypto/engines/AriaEngine.cs
@@ -432,10 +432,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 
         protected static void Xor(byte[] z, byte[] x)
         {
-            for (int i = 0; i < 16; ++i)
-            {
-                z[i] ^= x[i];
-            }
+            Bytes.XorTo(16, x, z);
         }
     }
 }
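Review bot: `Xor(byte[] z, byte[] x)` is now a one-line wrapper over `Bytes.XorTo(16, x, z)` but stays `protected` and undocumented, and its (z, x) parameter order is the reverse of the callee's (x, z); a doc comment would record both facts: `/// <summary>z ^= x over one 16-byte ARIA block; kept as a protected hook, delegates to Bytes.XorTo(len, source, dest).</summary>`. The `16` was already hard-coded in the loop it replaces, so this is not a regression, but if the file has a block-size constant it would read better here. OCBBlockCipher's `Xor(block, val)` in this same diff has the identical shape and would take the same comment.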
diff --git a/crypto/src/crypto/engines/SM2Engine.cs b/crypto/src/crypto/engines/SM2Engine.cs
index 96bad4eb2..9445f1466 100644
--- a/crypto/src/crypto/engines/SM2Engine.cs
+++ b/crypto/src/crypto/engines/SM2Engine.cs
@@ -395,35 +395,17 @@ namespace Org.BouncyCastle.Crypto.Engines
                 Pack.UInt32_To_BE(++ct, buf);
                 digest.BlockUpdate(buf[..4]);
                 digest.DoFinal(buf);
-                Xor(encData.AsSpan(off, xorLen), buf);
+                Bytes.XorTo(xorLen, buf, encData.AsSpan(off));
 #else
                 Pack.UInt32_To_BE(++ct, buf, 0);
                 digest.BlockUpdate(buf, 0, 4);
                 digest.DoFinal(buf, 0);
-                Xor(encData, buf, off, xorLen);
+                Bytes.XorTo(xorLen, buf, 0, encData, off);
 #endif
                 off += xorLen;
             }
         }
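Review bot: `Bytes.XorTo(xorLen, buf, encData.AsSpan(off))` drops the length bound that the old `encData.AsSpan(off, xorLen)` carried, so the only thing confining the write to the current chunk is `xorLen`; keeping the bounded slice, `Bytes.XorTo(xorLen, buf, encData.AsSpan(off, xorLen));`, preserves the automatic range check at no cost. The array branch on the next line has the same shape, passing only `off`. This assumes Bytes.XorTo reads exactly `xorLen` bytes from `buf`; its implementation is not in the diff. The enclosing KDF loop starts outside the hunk.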
 
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
-        private void Xor(Span<byte> data, ReadOnlySpan<byte> kdfOut)
-        {
-            for (int i = 0; i != data.Length; i++)
-            {
-                data[i] ^= kdfOut[i];
-            }
-        }
-#else
-        private void Xor(byte[] data, byte[] kdfOut, int dOff, int dRemaining)
-        {
-            for (int i = 0; i != dRemaining; i++)
-            {
-                data[dOff + i] ^= kdfOut[i];
-            }
-        }
-#endif
-
         private BigInteger NextK()
         {
             int qBitLength = mECParams.N.BitLength;
diff --git a/crypto/src/crypto/modes/OCBBlockCipher.cs b/crypto/src/crypto/modes/OCBBlockCipher.cs
index c0bca2681..604a7d205 100644
--- a/crypto/src/crypto/modes/OCBBlockCipher.cs
+++ b/crypto/src/crypto/modes/OCBBlockCipher.cs
@@ -762,10 +762,7 @@ namespace Org.BouncyCastle.Crypto.Modes
 
         protected static void Xor(byte[] block, byte[] val)
         {
-            for (int i = 15; i >= 0; --i)
-            {
-                block[i] ^= val[i];
-            }
+            Bytes.XorTo(16, val, block);
         }
     }
 }
diff --git a/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs b/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
index fd7b107e0..9873c1a4a 100644
--- a/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
+++ b/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
@@ -103,7 +103,7 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 				block[..bytesToCopy].CopyTo(temp[(i * blockSize)..]);
             }
 
-			XorWith(seed, temp);
+            Bytes.XorTo(seedLength, seed, temp);
 
 			key.CopyFrom(temp);
 			v.CopyFrom(temp[key.Length..]);
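Review bot: The added line `Bytes.XorTo(seedLength, seed, temp);` is indented with spaces while the surrounding lines of this method (and the line it replaces) use tabs, so the file's already mixed indentation gets worse; matching the neighbouring lines, or running the file through dotnet format, would avoid that. The same applies to the added `int seedLength` and `Bytes.XorTo` lines in the next two hunks and to the added `Bytes.Xor` line in the array-based BCC hunk of this file. `seedLength` is used here without a declaration in the hunk; the #else branch gains `int seedLength = seed.Length;`, so presumably the span-based CTR_DRBG_Update already declares it above this hunk — worth a check. Both the method and the #if block start outside the hunk.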
@@ -111,14 +111,15 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 #else
         private void CTR_DRBG_Update(byte[] seed, byte[] key, byte[] v)
 	    {
-			byte[] temp = new byte[seed.Length];
+            int seedLength = seed.Length;
+			byte[] temp = new byte[seedLength];
 	        byte[] outputBlock = new byte[mEngine.GetBlockSize()];
 
             int i = 0;
 	        int outLen = mEngine.GetBlockSize();
 
 			mEngine.Init(true, ExpandToKeyParameter(key));
-	        while (i * outLen < seed.Length)
+	        while (i * outLen < seedLength)
 	        {
 	            AddOneTo(v);
 	            mEngine.ProcessBlock(v, 0, outputBlock, 0);
@@ -128,7 +129,7 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 	            ++i;
 	        }
 
-	        Xor(temp, seed, temp, 0);
+            Bytes.XorTo(seedLength, seed, temp);
 
 	        Array.Copy(temp, 0, key, 0, key.Length);
 	        Array.Copy(temp, key.Length, v, 0, v.Length);
@@ -172,32 +173,6 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 #endif
 
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
-        private void Xor(ReadOnlySpan<byte> x, ReadOnlySpan<byte> y, Span<byte> z)
-        {
-            for (int i = 0; i < z.Length; ++i)
-            {
-                z[i] = (byte)(x[i] ^ y[i]);
-            }
-        }
-
-        private void XorWith(ReadOnlySpan<byte> x, Span<byte> z)
-        {
-            for (int i = 0; i < z.Length; ++i)
-            {
-				z[i] ^= x[i];
-            }
-        }
-#else
-        private void Xor(byte[] output, byte[] a, byte[] b, int bOff)
-	    {
-            for (int i = 0; i < output.Length; i++) 
-	        {
-                output[i] = (byte)(a[i] ^ b[bOff + i]);
-	        }
-	    }
-#endif
-
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
         private void AddOneTo(Span<byte> longer)
 #else
 		private void AddOneTo(byte[] longer)
@@ -449,7 +424,7 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
             int n = data.Length / blockSize;
             for (int i = 0; i < n; i++)
             {
-                Xor(chainingValue, data[(i * blockSize)..], inputBlock);
+                Bytes.Xor(blockSize, chainingValue, data[(i * blockSize)..], inputBlock);
                 mEngine.ProcessBlock(inputBlock, chainingValue);
             }
 
@@ -458,17 +433,17 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 #else
         private void BCC(byte[] bccOut, byte[] iV, byte[] data)
 	    {
-	        int outlen = mEngine.GetBlockSize();
-	        byte[] chainingValue = new byte[outlen]; // initial values = 0
-	        int n = data.Length / outlen;
+	        int blockSize = mEngine.GetBlockSize();
 
-	        byte[] inputBlock = new byte[outlen];
+	        byte[] chainingValue = new byte[blockSize]; // initial values = 0
+	        byte[] inputBlock = new byte[blockSize];
 
             mEngine.ProcessBlock(iV, 0, chainingValue, 0);
 
+            int n = data.Length / blockSize;
             for (int i = 0; i < n; i++)
 	        {
-	            Xor(inputBlock, chainingValue, data, i*outlen);
+                Bytes.Xor(blockSize, chainingValue, 0, data, i * blockSize, inputBlock, 0);
 	            mEngine.ProcessBlock(inputBlock, 0, chainingValue, 0);
 	        }
 
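Review bot: `int n = data.Length / blockSize;` still truncates, so any partial trailing block of `data` is silently dropped from the BCC chain rather than rejected; if every caller pads to a whole number of blocks (as the SP 800-90A derivation function does before calling BCC), a `Debug.Assert(data.Length % blockSize == 0);` after the new `n` line would document that precondition, and otherwise an `ArgumentException` is warranted. The span-based BCC in the previous hunk has the identical line. This is pre-existing behaviour that the reordering keeps, not something the commit introduced. The method ends outside the hunk.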
diff --git a/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs b/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs
index 87681c484..756f71a71 100644
--- a/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs
+++ b/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs
@@ -34,11 +34,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
             Span<byte> buf = stackalloc byte[64];
             while (pkSeed.Length >= 32)
             {
-                XorWith(pkSeed[..32], buf);
+                Bytes.XorTo(32, pkSeed, buf);
                 Haraka512_X86.Permute(buf, buf);
                 pkSeed = pkSeed[32..];
             }
-            XorWith(pkSeed, buf);
+            Bytes.XorTo(pkSeed.Length, pkSeed, buf);
             buf[pkSeed.Length] ^= 0x1F;
             buf[           31] ^= 0x80;
 
@@ -86,23 +86,23 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
             int available = 32 - m_bufPos;
             if (input.Length < available)
             {
-                XorWith(input, m_buf.AsSpan(m_bufPos));
+                Bytes.XorTo(input.Length, input, m_buf.AsSpan(m_bufPos));
                 m_bufPos += input.Length;
                 return;
             }
 
-            XorWith(input[..available], m_buf.AsSpan(m_bufPos));
+            Bytes.XorTo(available, input, m_buf.AsSpan(m_bufPos));
             input = input[available..];
             Haraka512_X86.Permute(m_buf, m_buf, m_roundConstants);
 
             while (input.Length >= 32)
             {
-                XorWith(input[..32], m_buf);
+                Bytes.XorTo(32, input, m_buf);
                 input = input[32..];
                 Haraka512_X86.Permute(m_buf, m_buf, m_roundConstants);
             }
 
-            XorWith(input, m_buf);
+            Bytes.XorTo(input.Length, input, m_buf);
             m_bufPos = input.Length;
         }
 
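Review bot: The absorb loop now calls `Bytes.XorTo` on every 32-byte block where it previously called a local `XorWith` marked `[MethodImpl(MethodImplOptions.AggressiveInlining)]` (removed in the last hunk of this file); Bytes.XorTo's implementation is not in the diff, so whether the per-block XOR is still inlined on this x86 hot path is worth confirming, either from the attribute on Bytes.XorTo or from the JIT output. If it is not, the cost is small, but this is the per-message-block path of Haraka-S in SPHINCS+. `Bytes.XorTo(available, input, m_buf.AsSpan(m_bufPos))` also relies on `available` rather than slicing `input`, which is fine as long as XorTo reads exactly `available` bytes. The method starts outside the hunk.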
@@ -195,15 +195,6 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
                 BinaryPrimitives.ReadUInt64LittleEndian(t[8..])
             ).AsByte();
         }
-
-        [MethodImpl(MethodImplOptions.AggressiveInlining)]
-        private static void XorWith(ReadOnlySpan<byte> x, Span<byte> z)
-        {
-            for (int i = 0; i < x.Length; i++)
-            {
-                z[i] ^= x[i];
-            }
-        }
     }
 }
 #endif