author | Niels Möller <nisse@lysator.liu.se> | 2022-05-14 22:33:28 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2023-02-06 20:20:01 +0100 |
commit | 175320ed6670ed7a14284a608d5419dae42b3619 (patch) | |
tree | c454915469e77f87849b03cd606c90fa26baedd1 | |
parent | b8066737e9b1e783860b96ec9617d272eec3898c (diff) | |
download | nettle-175320ed6670ed7a14284a608d5419dae42b3619.tar.gz |
ocb: Rewrite trailing-zeros loop to not use __builtin_ctzll.
-rw-r--r-- | ocb.c | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -79,22 +79,23 @@ ocb_set_key (struct ocb_key *key, const void *cipher, nettle_cipher_func *f) block16_mulx_be (&key->L[2], &key->L[1]); } +/* Add x^k L[2], where k is the number of trailing bits in i. */ static void update_offset(const struct ocb_key *key, union nettle_block16 *offset, size_t i) { - unsigned ntz = __builtin_ctzll(i); - if (ntz > 0) + if (i & 1) + block16_xor (offset, &key->L[2]); + else { + assert (i > 0); union nettle_block16 diff; block16_mulx_be (&diff, &key->L[2]); - while (--ntz > 0) + for (i >>= 1; !(i&1); i >>= 1) block16_mulx_be (&diff, &diff); block16_xor (offset, &diff); } - else - block16_xor (offset, &key->L[2]); } static void |
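Review bot: In the new `else` branch of update_offset, the loop `for (i >>= 1; !(i&1); i >>= 1)` terminates only when i is non-zero, and that precondition is enforced solely by `assert (i > 0)`; in a build with NDEBUG defined, a zero block index would spin forever instead of failing. The callers are outside this hunk, so it is worth confirming that the block counter they pass starts at 1 and cannot wrap to 0 (a `size_t` counter on a 32-bit target is the case to check). The added comment also says "trailing bits" where it means trailing zero bits, and it should state the precondition: `/* Add x^k L[2], where k is the number of trailing zero bits in i. Requires i > 0. */`. The iteration count depends only on the block index, which is not secret in OCB, so the variable-length loop does not look like a timing concern.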