Add polynomial for 1024-bit block cipher.

This will support Threefish and its 1024-bit block size. I believe this is correct, but it may be wrong. According to "Table of Low-Weight Binary Irreducible Polynomials" (http://www.hpl.hp.com/techreports/98/HPL-98-135.pdf), the polynomial is x^1024 + x^19 + x^6 + x + 1.
author: Jeffrey Walton <noloader@gmail.com> 2017-05-13 19:15:46 -0400
committer: Jeffrey Walton <noloader@gmail.com> 2017-05-13 19:15:46 -0400
commit: d654c893ef4658da83ed5753cb4c360e60e5afa3 (patch)
tree: 1f196b45a35d9a7a867b314c314f4da7d867efef /cmac.cpp
parent: 7697857481f51c51766943d0487b08045efefd87 (diff)
download: cryptopp-git-d654c893ef4658da83ed5753cb4c360e60e5afa3.tar.gz
1 files changed, 10 insertions, 1 deletions
diff --git a/cmac.cpp b/cmac.cpp
index ca04d0bd..81047827 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -31,15 +31,24 @@ static void MulU(byte *k, unsigned int length)
 			k[15] ^= 0x87;
 			break;
 		case 32:
-			// Should this be 0x425?
+			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^256 + x^10 + x^5 + x + 1
 			k[30] ^= 4;
 			k[31] ^= 0x23;
 			break;
 		case 64:
 			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^512 + x^8 + x^5 + x^2 + 1
 			k[62] ^= 1;
 			k[63] ^= 0x25;
 			break;
+		case 128:
+			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^1024 + x^19 + x^6 + x + 1
+			k[126] ^= 8;
+			k[126] ^= 0x00;
+			k[127] ^= 0x43;
+			break;
 		default:
 			throw InvalidArgument("CMAC: " + IntToString(length) + " is not a supported cipher block size");
 		}
author	Jeffrey Walton <noloader@gmail.com>	2017-05-13 19:15:46 -0400
committer	Jeffrey Walton <noloader@gmail.com>	2017-05-13 19:15:46 -0400
commit	d654c893ef4658da83ed5753cb4c360e60e5afa3 (patch)
tree	1f196b45a35d9a7a867b314c314f4da7d867efef /cmac.cpp
parent	7697857481f51c51766943d0487b08045efefd87 (diff)
download	cryptopp-git-d654c893ef4658da83ed5753cb4c360e60e5afa3.tar.gz