73535ab252
This one is a little thorny. All the various block cipher modes functions and callbacks take a void *key. This allows them to be used with multiple kinds of block ciphers. However, the implementations of those callbacks are the normal typed functions, like AES_encrypt. Those take AES_KEY *key. While, at the ABI level, this is perfectly fine, C considers this undefined behavior. If we wish to preserve this genericness, we could either instantiate multiple versions of these mode functions or create wrappers of AES_encrypt, etc., that take void *key. The former means more code and is tedious without C++ templates (maybe someday...). The latter would not be difficult for a compiler to optimize out. C mistakenly allowed comparing function pointers for equality, which means a compiler cannot replace pointers to wrapper functions with the real thing. (That said, the performance-sensitive bits already act in chunks, e.g. ctr128_f, so the function call overhead shouldn't matter.) But our only 128-bit block cipher is AES anyway, so I just switched things to use AES_KEY throughout. AES is doing fine, and hopefully we would have the sense not to pair a hypothetical future block cipher with so many modes! Change-Id: Ied3e843f0e3042a439f09e655b29847ade9d4c7d Reviewed-on: https://boringssl-review.googlesource.com/32107 Reviewed-by: Adam Langley <agl@google.com> |
||
---|---|---|
.. | ||
xts.c |