author | Niels Möller <nisse@lysator.liu.se> | 2019-03-27 06:30:58 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2019-03-27 06:30:58 +0100 |
commit | b87ec212616765f920000b72d57b7a317e1a0c24 (patch) | |
tree | 62149d349e8fc9d6615c5cc4251d06e45f6d4808 | |
parent | 0beec6b237dc3b6b2aab25457173d1f353f133f4 (diff) | |
download | nettle-b87ec212616765f920000b72d57b7a317e1a0c24.tar.gz |
Rearrange cmac's block_mulx, make it closer to xts_shift.
* xts.c (xts_shift): Arrange with a single write to u64[1].
* cmac.c (block_mulx): Rewrite to work in the same way as
xts_shift, with 64-bit operations. XTS and CMAC use opposite
endianness, but otherwise, these two functions are identical.
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | cmac.c | 27 | ||||
-rw-r--r-- | xts.c | 6 |
3 files changed, 25 insertions, 15 deletions
@@ -1,3 +1,10 @@
+2019-03-27 Niels Möller <nisse@lysator.liu.se>
+
+ * xts.c (xts_shift): Arrange with a single write to u64[1].
+ * cmac.c (block_mulx): Rewrite to work in the same way as
+ xts_shift, with 64-bit operations. XTS and CMAC use opposite
+ endianness, but otherwise, these two functions are identical.
+
 2019-03-24 Niels Möller <nisse@lysator.liu.se>
 From Simo Sorce:
@@ -47,22 +47,27 @@
 #include "macros.h"
 /* shift one and XOR with 0x87. */
+#if WORDS_BIGENDIAN
 static void
 block_mulx(union nettle_block16 *dst,
 const union nettle_block16 *src)
 {
- uint64_t b1 = READ_UINT64(src->b);
- uint64_t b2 = READ_UINT64(src->b+8);
-
- b1 = (b1 << 1) | (b2 >> 63);
- b2 <<= 1;
-
- if (src->b[0] & 0x80)
- b2 ^= 0x87;
-
- WRITE_UINT64(dst->b, b1);
- WRITE_UINT64(dst->b+8, b2);
+ uint64_t carry = src->u64[0] >> 63;
+ dst->u64[0] = (src->u64[0] << 1) | (src->u64[1] >> 63);
+ dst->u64[1] = (src->u64[1] << 1) ^ (0x87 & -carry);
+}
+#else /* !WORDS_BIGENDIAN */
+#define LE_SHIFT(x) ((((x) & 0x7f7f7f7f7f7f7f7f) << 1) | \
+ (((x) & 0x8080808080808080) >> 15))
+static void
+block_mulx(union nettle_block16 *dst,
+ const union nettle_block16 *src)
+{
+ uint64_t carry = (src->u64[0] & 0x80) >> 7;
+ dst->u64[0] = LE_SHIFT(src->u64[0]) | ((src->u64[1] & 0x80) << 49);
+ dst->u64[1] = LE_SHIFT(src->u64[1]) ^ (0x8700000000000000 & -carry);
 }
+#endif /* !WORDS_BIGENDIAN */
 void
 cmac128_set_key(struct cmac128_ctx *ctx, const void *cipher,
@@ -57,8 +57,7 @@ xts_shift(union nettle_block16 *dst,
 {
 uint64_t carry = (src->u64[1] & 0x80) >> 7;
 dst->u64[1] = BE_SHIFT(src->u64[1]) | ((src->u64[0] & 0x80) << 49);
- dst->u64[0] = BE_SHIFT(src->u64[0]);
- dst->u64[0] ^= 0x8700000000000000 & -carry;
+ dst->u64[0] = BE_SHIFT(src->u64[0]) ^ (0x8700000000000000 & -carry);
 }
 #else /* !WORDS_BIGENDIAN */
 static void
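Review bot: The comment kept above block_mulx in the cmac.c hunk, `/* shift one and XOR with 0x87. */`, no longer documents the rewritten code: the XOR is conditional on the bit shifted out, and the new LE_SHIFT macro has no comment explaining its byte-lane masks and the `>> 15`. The old `if (src->b[0] & 0x80)` branched on block data, and this function presumably feeds the subkey setup in cmac128_set_key (the call is outside the hunk), so the comment should say that `0x87 & -carry` is a deliberate all-ones/zero mask; otherwise a later cleanup could reintroduce a data-dependent branch. Suggested wording: `/* Multiply by x in GF(2^128), big-endian bit order: shift left one bit and XOR 0x87 into the last byte if a bit was shifted out. -carry is an all-ones or zero mask, so nothing branches on the data. */`, and above the macro `/* Shift each byte left one bit, carrying its top bit into the bottom bit of the preceding byte in memory. */`. As a style point, the unsuffixed 64-bit constants here and in both xts.c hunks depend on C99 integer-constant typing; `UINT64_C(0x8700000000000000)` would state the width explicitly.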
@@ -67,8 +66,7 @@ xts_shift(union nettle_block16 *dst,
 {
 uint64_t carry = src->u64[1] >> 63;
 dst->u64[1] = (src->u64[1] << 1) | (src->u64[0] >> 63);
- dst->u64[0] = src->u64[0] << 1;
- dst->u64[0] ^= 0x87 & -carry;
+ dst->u64[0] = (src->u64[0] << 1) ^ (0x87 & -carry);
 }
 #endif /* !WORDS_BIGNDIAN */ |