diff options
author | Jeffrey Walton <noloader@gmail.com> | 2017-05-13 19:15:46 -0400 |
---|---|---|
committer | Jeffrey Walton <noloader@gmail.com> | 2017-05-13 19:15:46 -0400 |
commit | d654c893ef4658da83ed5753cb4c360e60e5afa3 (patch) | |
tree | 1f196b45a35d9a7a867b314c314f4da7d867efef /cmac.cpp | |
parent | 7697857481f51c51766943d0487b08045efefd87 (diff) | |
download | cryptopp-git-d654c893ef4658da83ed5753cb4c360e60e5afa3.tar.gz |
Add polynomial for 1024-bit block cipher.
This will support Threefish and its 1024-bit block size. I believe this is correct, but it may be wrong. According to "Table of Low-Weight Binary Irreducible Polynomials" (http://www.hpl.hp.com/techreports/98/HPL-98-135.pdf), the polynomial is x^1024 + x^19 + x^6 + x + 1.
Diffstat (limited to 'cmac.cpp')
-rw-r--r-- | cmac.cpp | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -31,15 +31,24 @@ static void MulU(byte *k, unsigned int length) k[15] ^= 0x87;
break;
case 32:
- // Should this be 0x425?
+ // https://crypto.stackexchange.com/q/9815/10496
+ // Polynomial x^256 + x^10 + x^5 + x + 1
k[30] ^= 4;
k[31] ^= 0x23;
break;
case 64:
// https://crypto.stackexchange.com/q/9815/10496
+ // Polynomial x^512 + x^8 + x^5 + x^2 + 1
k[62] ^= 1;
k[63] ^= 0x25;
break;
+ case 128:
+ // https://crypto.stackexchange.com/q/9815/10496
+ // Polynomial x^1024 + x^19 + x^6 + x + 1
+ k[126] ^= 8;
+ k[126] ^= 0x00;
+ k[127] ^= 0x43;
+ break;
default:
throw InvalidArgument("CMAC: " + IntToString(length) + " is not a supported cipher block size");
}
|