From 566d37eacdf2217b83539ebcedbfe722686d18ac Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Sun, 30 Apr 2023 19:10:49 +0700
Subject: Use Bytes methods in a few places
---
 crypto/src/crypto/digests/GOST3411_2012Digest.cs | 23 +++++-------
 crypto/src/crypto/digests/Haraka256Digest.cs | 13 +++----
 crypto/src/crypto/digests/Haraka512Digest.cs | 20 +++++-----
 crypto/src/crypto/digests/HarakaBase.cs | 35 ++----------------
 crypto/src/crypto/engines/AriaEngine.cs | 5 +--
 crypto/src/crypto/engines/SM2Engine.cs | 22 +----------
 crypto/src/crypto/modes/OCBBlockCipher.cs | 5 +--
 crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs | 47 ++++++------------------
 crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs | 21 +++-------
 9 files changed, 51 insertions(+), 140 deletions(-)
diff --git a/crypto/src/crypto/digests/GOST3411_2012Digest.cs b/crypto/src/crypto/digests/GOST3411_2012Digest.cs
index 259f4bcae..a2550ec4f 100644
--- a/crypto/src/crypto/digests/GOST3411_2012Digest.cs
+++ b/crypto/src/crypto/digests/GOST3411_2012Digest.cs
@@ -363,41 +363,38 @@ namespace Org.BouncyCastle.Crypto.Digests
 V[56] = (byte)(r);
 }
- private void xor512(byte[] A, byte[] B)
+ private static void Xor512(byte[] A, byte[] B)
 {
- for (int i = 0; i < 64; ++i)
- {
- A[i] ^= B[i];
- }
+ Bytes.XorTo(64, B, A);
 }
 private void E(byte[] K, byte[] m)
 {
 Array.Copy(K, 0, Ki, 0, 64);
- xor512(K, m);
+ Xor512(K, m);
 F(K);
 for (int i = 0; i < 11; ++i)
 {
- xor512(Ki, C[i]);
+ Xor512(Ki, C[i]);
 F(Ki);
- xor512(K, Ki);
+ Xor512(K, Ki);
 F(K);
 }
- xor512(Ki, C[11]);
+ Xor512(Ki, C[11]);
 F(Ki);
- xor512(K, Ki);
+ Xor512(K, Ki);
 }
 private void g_N(byte[] h, byte[] N, byte[] m)
 {
 Array.Copy(h, 0, tmp, 0, 64);
- xor512(h, N);
+ Xor512(h, N);
 F(h);
 E(h, m);
- xor512(h, tmp);
- xor512(h, m);
+ Xor512(h, tmp);
+ Xor512(h, m);
 }
 private void addMod512(byte[] A, int num)
diff --git a/crypto/src/crypto/digests/Haraka256Digest.cs b/crypto/src/crypto/digests/Haraka256Digest.cs
index efbaa81e2..6f4a48845 100644
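Review bot: `Xor512(byte[] A, byte[] B)` now forwards to `Bytes.XorTo(64, B, A)` with the operands swapped relative to its own parameter order, and nothing on the method says which side is the destination, although E and g_N depend on A being updated in place. A one-line XML doc on the declaration, `/// <summary>A ^= B over the first 64 bytes.</summary>`, would make the swap self-explanatory. The protected `Xor` wrappers in the AriaEngine and OCBBlockCipher hunks delegate the same way (`Bytes.XorTo(16, x, z)` and `Bytes.XorTo(16, val, block)`) and would benefit from the same note. The rest of GOST3411_2012Digest is outside the hunk.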
--- a/crypto/src/crypto/digests/Haraka256Digest.cs
+++ b/crypto/src/crypto/digests/Haraka256Digest.cs
@@ -1,5 +1,7 @@
 using System;
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Digests
 {
 public sealed class Haraka256Digest
@@ -140,8 +142,8 @@ namespace Org.BouncyCastle.Crypto.Digests
 s1[1] = AesEnc(s1[1], RC[19]);
 Mix256(s1, s2);
- Xor(s2[0], msg , output[ ..16]);
- Xor(s2[1], msg[16..], output[16..32]);
+ Bytes.Xor(16, s2[0], msg , output);
+ Bytes.Xor(16, s2[1], msg[16..], output[16..]);
 return DIGEST_SIZE;
 }
@@ -188,11 +190,8 @@ namespace Org.BouncyCastle.Crypto.Digests
 s1[1] = AesEnc(s1[1], RC[19]);
 Mix256(s1, s2);
- s1[0] = Xor(s2[0], msg, 0);
- s1[1] = Xor(s2[1], msg, 16);
-
- Array.Copy(s1[0], 0, output, outOff , 16);
- Array.Copy(s1[1], 0, output, outOff + 16, 16);
+ Bytes.Xor(16, s2[0], 0, msg, 0, output, outOff);
+ Bytes.Xor(16, s2[1], 0, msg, 16, output, outOff + 16);
 return DIGEST_SIZE;
 }
diff --git a/crypto/src/crypto/digests/Haraka512Digest.cs b/crypto/src/crypto/digests/Haraka512Digest.cs
index 4c9794bac..a117f5ba0 100644
--- a/crypto/src/crypto/digests/Haraka512Digest.cs
+++ b/crypto/src/crypto/digests/Haraka512Digest.cs
@@ -1,5 +1,7 @@
 using System;
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Digests
 {
 public sealed class Haraka512Digest
@@ -166,10 +168,10 @@ namespace Org.BouncyCastle.Crypto.Digests
 s1[3] = AesEnc(s1[3], RC[39]);
 Mix512(s1, s2);
- Xor(s2[0], msg, s1[0]);
- Xor(s2[1], msg[16..], s1[1]);
- Xor(s2[2], msg[32..], s1[2]);
- Xor(s2[3], msg[48..], s1[3]);
+ Bytes.Xor(16, s2[0], msg , s1[0]);
+ Bytes.Xor(16, s2[1], msg[16..], s1[1]);
+ Bytes.Xor(16, s2[2], msg[32..], s1[2]);
+ Bytes.Xor(16, s2[3], msg[48..], s1[3]);
 s1[0].AsSpan(8, 8).CopyTo(output);
 s1[1].AsSpan(8, 8).CopyTo(output[8..]);
@@ -192,7 +194,7 @@ namespace Org.BouncyCastle.Crypto.Digests
 s2[2] = new byte[16];
 s2[3] = new byte[16];
- Array.Copy(msg, 0, s1[0], 0, 16);
+ Array.Copy(msg, 0, s1[0], 0, 16);
 Array.Copy(msg, 16, s1[1], 0, 16);
 Array.Copy(msg, 32, s1[2], 0, 16);
 Array.Copy(msg, 48, s1[3], 0, 16);
@@ -247,10 +249,10 @@ namespace Org.BouncyCastle.Crypto.Digests
 s1[3] = AesEnc(s1[3], RC[39]);
 Mix512(s1, s2);
- s1[0] = Xor(s2[0], msg, 0);
- s1[1] = Xor(s2[1], msg, 16);
- s1[2] = Xor(s2[2], msg, 32);
- s1[3] = Xor(s2[3], msg, 48);
+ Bytes.Xor(16, s2[0], 0, msg, 0, s1[0], 0);
+ Bytes.Xor(16, s2[1], 0, msg, 16, s1[1], 0);
+ Bytes.Xor(16, s2[2], 0, msg, 32, s1[2], 0);
+ Bytes.Xor(16, s2[3], 0, msg, 48, s1[3], 0);
 Array.Copy(s1[0], 8, output, outOff, 8);
 Array.Copy(s1[1], 8, output, outOff + 8, 8);
diff --git a/crypto/src/crypto/digests/HarakaBase.cs b/crypto/src/crypto/digests/HarakaBase.cs
index 1ca688914..661f140c4 100644
--- a/crypto/src/crypto/digests/HarakaBase.cs
+++ b/crypto/src/crypto/digests/HarakaBase.cs
@@ -1,5 +1,7 @@
 using System;
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Digests
 {
 public abstract class HarakaBase
@@ -102,7 +104,7 @@ namespace Org.BouncyCastle.Crypto.Digests
 s = SubBytes(s);
 s = ShiftRows(s);
 s = MixColumns(s);
- XorTo(rk, s);
+ Bytes.XorTo(16, rk, s);
 return s;
 }
@@ -111,37 +113,6 @@ namespace Org.BouncyCastle.Crypto.Digests
 return (byte)(((p & 0x7F) << 1) ^ (((uint)p >> 7) * 0x1BU));
 }
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- internal static void Xor(ReadOnlySpan x, ReadOnlySpan y, Span z)
- {
- for (int i = 0; i < z.Length; i++)
- {
- z[i] = (byte)(x[i] ^ y[i]);
- }
- }
-#else
- internal static byte[] Xor(byte[] x, byte[] y, int yStart)
- {
- byte[] output = new byte[16];
- for (int i = 0; i < output.Length; i++)
- {
- output[i] = (byte)(x[i] ^ y[yStart++]);
- }
- return output;
- }
-#endif
-
- private static void XorTo(byte[] x, byte[] z)
- {
- for (int i = 0; i < 16; i += 4)
- {
- z[i + 0] ^= x[i + 0];
- z[i + 1] ^= x[i + 1];
- z[i + 2] ^= x[i + 2];
- z[i + 3] ^= x[i + 3];
- }
- }
-
 private static byte[] MixColumns(byte[] s)
 {
 byte[] output = new byte[s.Length];
diff --git a/crypto/src/crypto/engines/AriaEngine.cs b/crypto/src/crypto/engines/AriaEngine.cs
index c52fd30bf..06e354809 100644
--- a/crypto/src/crypto/engines/AriaEngine.cs
+++ b/crypto/src/crypto/engines/AriaEngine.cs
@@ -432,10 +432,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 protected static void Xor(byte[] z, byte[] x)
 {
- for (int i = 0; i < 16; ++i)
- {
- z[i] ^= x[i];
- }
+ Bytes.XorTo(16, x, z);
 }
 }
 }
diff --git a/crypto/src/crypto/engines/SM2Engine.cs b/crypto/src/crypto/engines/SM2Engine.cs
index 96bad4eb2..9445f1466 100644
--- a/crypto/src/crypto/engines/SM2Engine.cs
+++ b/crypto/src/crypto/engines/SM2Engine.cs
@@ -395,35 +395,17 @@ namespace Org.BouncyCastle.Crypto.Engines
 Pack.UInt32_To_BE(++ct, buf);
 digest.BlockUpdate(buf[..4]);
 digest.DoFinal(buf);
- Xor(encData.AsSpan(off, xorLen), buf);
+ Bytes.XorTo(xorLen, buf, encData.AsSpan(off));
 #else
 Pack.UInt32_To_BE(++ct, buf, 0);
 digest.BlockUpdate(buf, 0, 4);
 digest.DoFinal(buf, 0);
- Xor(encData, buf, off, xorLen);
+ Bytes.XorTo(xorLen, buf, 0, encData, off);
 #endif
 off += xorLen;
 }
 }
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- private void Xor(Span data, ReadOnlySpan kdfOut)
- {
- for (int i = 0; i != data.Length; i++)
- {
- data[i] ^= kdfOut[i];
- }
- }
-#else
- private void Xor(byte[] data, byte[] kdfOut, int dOff, int dRemaining)
- {
- for (int i = 0; i != dRemaining; i++)
- {
- data[dOff + i] ^= kdfOut[i];
- }
- }
-#endif
-
 private BigInteger NextK()
 {
 int qBitLength = mECParams.N.BitLength;
diff --git a/crypto/src/crypto/modes/OCBBlockCipher.cs b/crypto/src/crypto/modes/OCBBlockCipher.cs
index c0bca2681..604a7d205 100644
--- a/crypto/src/crypto/modes/OCBBlockCipher.cs
+++ b/crypto/src/crypto/modes/OCBBlockCipher.cs
@@ -762,10 +762,7 @@ namespace Org.BouncyCastle.Crypto.Modes
 protected static void Xor(byte[] block, byte[] val)
 {
- for (int i = 15; i >= 0; --i)
- {
- block[i] ^= val[i];
- }
+ Bytes.XorTo(16, val, block);
 }
 }
 }
diff --git a/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs b/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
index fd7b107e0..9873c1a4a 100644
--- a/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
+++ b/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
@@ -103,7 +103,7 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 block[..bytesToCopy].CopyTo(temp[(i * blockSize)..]);
 }
- XorWith(seed, temp);
+ Bytes.XorTo(seedLength, seed, temp);
 key.CopyFrom(temp);
 v.CopyFrom(temp[key.Length..]);
@@ -111,14 +111,15 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 #else
 private void CTR_DRBG_Update(byte[] seed, byte[] key, byte[] v)
 {
- byte[] temp = new byte[seed.Length];
+ int seedLength = seed.Length;
+ byte[] temp = new byte[seedLength];
 byte[] outputBlock = new byte[mEngine.GetBlockSize()];
 int i = 0;
 int outLen = mEngine.GetBlockSize();
 mEngine.Init(true, ExpandToKeyParameter(key));
- while (i * outLen < seed.Length)
+ while (i * outLen < seedLength)
 {
 AddOneTo(v);
 mEngine.ProcessBlock(v, 0, outputBlock, 0);
@@ -128,7 +129,7 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 ++i;
 }
- Xor(temp, seed, temp, 0);
+ Bytes.XorTo(seedLength, seed, temp);
 Array.Copy(temp, 0, key, 0, key.Length);
 Array.Copy(temp, key.Length, v, 0, v.Length);
@@ -171,32 +172,6 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 }
 #endif
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- private void Xor(ReadOnlySpan x, ReadOnlySpan y, Span z)
- {
- for (int i = 0; i < z.Length; ++i)
- {
- z[i] = (byte)(x[i] ^ y[i]);
- }
- }
-
- private void XorWith(ReadOnlySpan x, Span z)
- {
- for (int i = 0; i < z.Length; ++i)
- {
- z[i] ^= x[i];
- }
- }
-#else
- private void Xor(byte[] output, byte[] a, byte[] b, int bOff)
- {
- for (int i = 0; i < output.Length; i++)
- {
- output[i] = (byte)(a[i] ^ b[bOff + i]);
- }
- }
-#endif
-
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
 private void AddOneTo(Span longer)
 #else
@@ -449,7 +424,7 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 int n = data.Length / blockSize;
 for (int i = 0; i < n; i++)
 {
- Xor(chainingValue, data[(i * blockSize)..], inputBlock);
+ Bytes.Xor(blockSize, chainingValue, data[(i * blockSize)..], inputBlock);
 mEngine.ProcessBlock(inputBlock, chainingValue);
 }
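Review bot: `mEngine.GetBlockSize()` is still evaluated twice in CTR_DRBG_Update, once for `byte[] outputBlock = new byte[mEngine.GetBlockSize()];` and again two lines later for `int outLen`, while the commit hoists `seed.Length` into `seedLength` in the same hunk. Declaring `int outLen = mEngine.GetBlockSize();` before the allocation and writing `byte[] outputBlock = new byte[outLen];` would apply the same treatment and match the `blockSize` local the BCC hunk introduces. The method body continues past the end of the hunk.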
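Review bot: After `Bytes.XorTo(seedLength, seed, temp);` the local `temp` holds the new key immediately followed by the new V, and the two `Array.Copy` lines leave that full copy in a heap array whose lifetime is then up to the garbage collector. Unless the remainder of CTR_DRBG_Update, which is outside the hunk, already clears it, `Array.Clear(temp, 0, temp.Length);` after the second copy would bound how long the DRBG's working state lingers in memory. The span build in the `@@ -103` hunk does the same key/V copy-out from `temp`; whether that buffer is heap- or stack-allocated is not visible here, so the same check applies there.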
@@ -458,17 +433,17 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 #else
 private void BCC(byte[] bccOut, byte[] iV, byte[] data)
 {
- int outlen = mEngine.GetBlockSize();
- byte[] chainingValue = new byte[outlen]; // initial values = 0
- int n = data.Length / outlen;
+ int blockSize = mEngine.GetBlockSize();
- byte[] inputBlock = new byte[outlen];
+ byte[] chainingValue = new byte[blockSize]; // initial values = 0
+ byte[] inputBlock = new byte[blockSize];
 mEngine.ProcessBlock(iV, 0, chainingValue, 0);
+ int n = data.Length / blockSize;
 for (int i = 0; i < n; i++)
 {
- Xor(inputBlock, chainingValue, data, i*outlen);
+ Bytes.Xor(blockSize, chainingValue, 0, data, i * blockSize, inputBlock, 0);
 mEngine.ProcessBlock(inputBlock, 0, chainingValue, 0);
 }
diff --git a/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs b/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs
index 87681c484..756f71a71 100644
--- a/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs
+++ b/crypto/src/pqc/crypto/sphincsplus/HarakaS_X86.cs
@@ -34,11 +34,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
 Span buf = stackalloc byte[64];
 while (pkSeed.Length >= 32)
 {
- XorWith(pkSeed[..32], buf);
+ Bytes.XorTo(32, pkSeed, buf);
 Haraka512_X86.Permute(buf, buf);
 pkSeed = pkSeed[32..];
 }
- XorWith(pkSeed, buf);
+ Bytes.XorTo(pkSeed.Length, pkSeed, buf);
 buf[pkSeed.Length] ^= 0x1F;
 buf[ 31] ^= 0x80;
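Review bot: `int n = data.Length / blockSize;` silently discards any trailing partial block of `data`, so a caller that passed an unpadded buffer would get a BCC value over a truncated input with no error. If the derivation-function caller, which is outside the hunk, always pads `data` to a multiple of the block size, a `Debug.Assert(data.Length % blockSize == 0);` (System.Diagnostics) beside the division would document that invariant without changing behaviour; otherwise an `ArgumentException` guard is warranted. The span build in the `@@ -449` hunk computes `n` the same way.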
@@ -86,23 +86,23 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
 int available = 32 - m_bufPos;
 if (input.Length < available)
 {
- XorWith(input, m_buf.AsSpan(m_bufPos));
+ Bytes.XorTo(input.Length, input, m_buf.AsSpan(m_bufPos));
 m_bufPos += input.Length;
 return;
 }
- XorWith(input[..available], m_buf.AsSpan(m_bufPos));
+ Bytes.XorTo(available, input, m_buf.AsSpan(m_bufPos));
 input = input[available..];
 Haraka512_X86.Permute(m_buf, m_buf, m_roundConstants);
 while (input.Length >= 32)
 {
- XorWith(input[..32], m_buf);
+ Bytes.XorTo(32, input, m_buf);
 input = input[32..];
 Haraka512_X86.Permute(m_buf, m_buf, m_roundConstants);
 }
- XorWith(input, m_buf);
+ Bytes.XorTo(input.Length, input, m_buf);
 m_bufPos = input.Length;
 }
@@ -195,15 +195,6 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
 BinaryPrimitives.ReadUInt64LittleEndian(t[8..])
 ).AsByte();
 }
-
- [MethodImpl(MethodImplOptions.AggressiveInlining)]
- private static void XorWith(ReadOnlySpan x, Span z)
- {
- for (int i = 0; i < x.Length; i++)
- {
- z[i] ^= x[i];
- }
- }
 }
 }
 #endif
-- 
cgit 1.4.1