Merge pull request #3757 from randombit/jack/remove-buffer-insert

Remove use of buffer_insert from filters, MACs, stream ciphers

src/lib/filters/b64_filt.cpp

@@ -68,7 +68,9 @@ void Base64_Encoder::do_output(const uint8_t input[], size_t length) {
 * Convert some data into Base64
 */
 void Base64_Encoder::write(const uint8_t input[], size_t length) {
-   buffer_insert(m_in, m_position, input, length);
+   const size_t initial_fill = std::min(m_in.size() - m_position, length);
+   copy_mem(&m_in[m_position], input, initial_fill);
+
    if(m_position + length >= m_in.size()) {
       encode_and_send(m_in.data(), m_in.size());
       input += (m_in.size() - m_position);

src/lib/filters/hex_filt.cpp

@@ -64,7 +64,9 @@ void Hex_Encoder::encode_and_send(const uint8_t block[], size_t length) {
 * Convert some data into hex format
 */
 void Hex_Encoder::write(const uint8_t input[], size_t length) {
-   buffer_insert(m_in, m_position, input, length);
+   const size_t initial_fill = std::min(m_in.size() - m_position, length);
+   copy_mem(&m_in[m_position], input, initial_fill);
+
    if(m_position + length >= m_in.size()) {
       encode_and_send(m_in.data(), m_in.size());
       input += (m_in.size() - m_position);

src/lib/mac/cmac/cmac.cpp

@@ -20,7 +20,9 @@ namespace Botan {
 void CMAC::add_data(std::span<const uint8_t> input) {
    const size_t bs = output_length();
 
-   buffer_insert(m_buffer, m_position, input.data(), input.size());
+   const size_t initial_fill = std::min(m_buffer.size() - m_position, input.size());
+   copy_mem(m_buffer.data() + m_position, input.data(), initial_fill);
+
    if(m_position + input.size() > bs) {
       xor_buf(m_state, m_buffer, bs);
       m_cipher->encrypt(m_state);

src/lib/mac/poly1305/poly1305.cpp

@@ -164,17 +164,15 @@ void poly1305_finish(secure_vector<uint64_t>& X, uint8_t mac[16]) {
 
 void Poly1305::clear() {
    zap(m_poly);
-   zap(m_buf);
-   m_buf_pos = 0;
+   m_buffer.clear();
 }
 
 bool Poly1305::has_keying_material() const {
    return m_poly.size() == 8;
 }
 
 void Poly1305::key_schedule(std::span<const uint8_t> key) {
-   m_buf_pos = 0;
-   m_buf.resize(16);
+   m_buffer.clear();
    m_poly.resize(8);
 
    poly1305_init(m_poly, key.data());
@@ -183,44 +181,36 @@ void Poly1305::key_schedule(std::span<const uint8_t> key) {
 void Poly1305::add_data(std::span<const uint8_t> input) {
    assert_key_material_set();
 
-   if(m_buf_pos) {
-      buffer_insert(m_buf, m_buf_pos, input.data(), input.size());
+   BufferSlicer in(input);
 
-      if(m_buf_pos + input.size() >= m_buf.size()) {
-         poly1305_blocks(m_poly, m_buf.data(), 1);
-         input = input.last(input.size() - m_buf.size() + m_buf_pos);
-         m_buf_pos = 0;
+   while(!in.empty()) {
+      if(const auto one_block = m_buffer.handle_unaligned_data(in)) {
+         poly1305_blocks(m_poly, one_block->data(), 1);
       }
-   }
-
-   BufferSlicer in(input);
-   const size_t full_blocks = in.remaining() / m_buf.size();
 
-   if(full_blocks) {
-      poly1305_blocks(m_poly, in.take(full_blocks * m_buf.size()).data(), full_blocks);
+      if(m_buffer.in_alignment()) {
+         const auto [aligned_data, full_blocks] = m_buffer.aligned_data_to_process(in);
+         if(full_blocks > 0) {
+            poly1305_blocks(m_poly, aligned_data.data(), full_blocks);
+         }
+      }
    }
-
-   const auto remaining = in.take(in.remaining());
-   buffer_insert(m_buf, m_buf_pos, remaining.data(), remaining.size());
-   m_buf_pos += remaining.size();
 }
 
 void Poly1305::final_result(std::span<uint8_t> out) {
    assert_key_material_set();
 
-   if(m_buf_pos != 0) {
-      m_buf[m_buf_pos] = 1;
-      const size_t len = m_buf.size() - m_buf_pos - 1;
-      if(len > 0) {
-         clear_mem(&m_buf[m_buf_pos + 1], len);
-      }
-      poly1305_blocks(m_poly, m_buf.data(), 1, true);
+   if(!m_buffer.in_alignment()) {
+      const uint8_t final_byte = 0x01;
+      m_buffer.append({&final_byte, 1});
+      m_buffer.fill_up_with_zeros();
+      poly1305_blocks(m_poly, m_buffer.consume().data(), 1, true);
    }
 
    poly1305_finish(m_poly, out.data());
 
    m_poly.clear();
-   m_buf_pos = 0;
+   m_buffer.clear();
 }
 
 }  // namespace Botan

src/lib/mac/poly1305/poly1305.h

@@ -9,6 +9,7 @@
 #define BOTAN_MAC_POLY1305_H_
 
 #include <botan/mac.h>
+#include <botan/internal/alignment_buffer.h>
 #include <memory>
 
 namespace Botan {
@@ -39,8 +40,7 @@ class Poly1305 final : public MessageAuthenticationCode {
       void key_schedule(std::span<const uint8_t>) override;
 
       secure_vector<uint64_t> m_poly;
-      secure_vector<uint8_t> m_buf;
-      size_t m_buf_pos = 0;
+      AlignmentBuffer<uint8_t, 16> m_buffer;
 };
 
 }  // namespace Botan

src/lib/stream/ctr/ctr.cpp

@@ -153,7 +153,7 @@ void CTR_BE::set_iv_bytes(const uint8_t iv[], size_t iv_len) {
 
    m_iv.resize(m_block_size);
    zeroise(m_iv);
-   buffer_insert(m_iv, 0, iv, iv_len);
+   copy_mem(&m_iv[0], iv, iv_len);
 
    seek(0);
 }
@@ -211,7 +211,8 @@ void CTR_BE::seek(uint64_t offset) {
    const uint64_t base_counter = m_ctr_blocks * (offset / m_counter.size());
 
    zeroise(m_counter);
-   buffer_insert(m_counter, 0, m_iv);
+   BOTAN_ASSERT_NOMSG(m_counter.size() >= m_iv.size());
+   copy_mem(&m_counter[0], &m_iv[0], m_iv.size());
 
    const size_t BS = m_block_size;
 
@@ -239,7 +240,7 @@ void CTR_BE::seek(uint64_t offset) {
    } else {
       // do everything sequentially:
       for(size_t i = 1; i != m_ctr_blocks; ++i) {
-         buffer_insert(m_counter, i * BS, &m_counter[(i - 1) * BS], BS);
+         copy_mem(&m_counter[i * BS], &m_counter[(i - 1) * BS], BS);
 
          for(size_t j = 0; j != m_ctr_size; ++j) {
             if(++m_counter[i * BS + (BS - 1 - j)]) {

src/lib/stream/ofb/ofb.cpp

@@ -75,7 +75,8 @@ void OFB::set_iv_bytes(const uint8_t iv[], size_t iv_len) {
    }
 
    zeroise(m_buffer);
-   buffer_insert(m_buffer, 0, iv, iv_len);
+   BOTAN_ASSERT_NOMSG(m_buffer.size() >= iv_len);
+   copy_mem(&m_buffer[0], iv, iv_len);
 
    m_cipher->encrypt(m_buffer);
    m_buf_pos = 0;