diff options
| author | Niels Möller <nisse@lysator.liu.se> | 2023-02-01 16:47:42 +0100 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2023-02-06 20:27:58 +0100 |
| commit | e5c2e63cf3c2b98d597f32dbb1cf5e9940c43a49 (patch) | |
| tree | 2ffc2fa2b69b36f2265ef6b6bc6380eec175f28f | |
| parent | ecc1e196c454c13701a8b000a8f475da6ea4a254 (diff) | |
| download | nettle-e5c2e63cf3c2b98d597f32dbb1cf5e9940c43a49.tar.gz | |
Replace offset with count of initial unaligned bytes.
| -rw-r--r-- | ocb.c | 35 |
1 files changed, 19 insertions, 16 deletions
@@ -369,35 +369,34 @@ ocb_crypt_n_4way (struct ocb_ctx *ctx, const struct ocb_key *key, } #endif -/* Rotate bytes (8-c) positions to the right, in memory order. */ +/* Rotate bytes c positions to the right, in memory order. */ #if WORDS_BIGENDIAN # define MEM_ROTATE_RIGHT(c, s0, s1) do { \ - uint64_t __rotate_t = ((s0) >> (64-8*(c))) | ((s1) << (8*(c))); \ - (s1) = ((s1) >> (64-8*(c))) | ((s0) << (8*(c))); \ + uint64_t __rotate_t = ((s0) >> (8*(c))) | ((s1) << (64-8*(c))); \ + (s1) = ((s1) >> (8*(c))) | ((s0) << (64-8*(c))); \ (s0) = __rotate_t; \ } while (0) #else # define MEM_ROTATE_RIGHT(c, s0, s1) do { \ - uint64_t __rotate_t = ((s0) << (64-8*(c))) | ((s1) >> (8*(c))); \ - (s1) = ((s1) << (64-8*(c))) | ((s0) >> (8*(c))); \ + uint64_t __rotate_t = ((s0) << (8*(c))) | ((s1) >> (64-8*(c))); \ + (s1) = ((s1) << (8*(c))) | ((s0) >> (64-8*(c))); \ (s0) = __rotate_t; \ } while (0) #endif /* Mask for the first c bytes in memory */ #if WORDS_BIGENDIAN -# define MEM_MASK(c) (-((uint64_t) 1 << 8*(c))) +# define MEM_MASK(c) (-((uint64_t) 1 << (64 - 8*(c)))) #else -# define MEM_MASK(c) (((uint64_t) 1 << (64-8*(c))) - 1) +# define MEM_MASK(c) (((uint64_t) 1 << (8*(c))) - 1) #endif /* Checksum of n complete blocks. */ - static void ocb_checksum_n (union nettle_block16 *checksum, size_t n, const uint8_t *src) { - unsigned offset = (uintptr_t) src & 7; + unsigned initial; uint64_t edge_word = 0; uint64_t s0, s1; @@ -406,12 +405,16 @@ ocb_checksum_n (union nettle_block16 *checksum, memxor (checksum->b, src, OCB_BLOCK_SIZE); return; } - if (offset > 0) + + /* Initial unaligned bytes. */ + initial = -(uintptr_t) src & 7; + + if (initial > 0) { /* Input not 64-bit aligned. Read initial bytes. */ unsigned i; /* Edge word is read in big-endian order */ - for (i = 8 - offset; i > 0; i--) + for (i = initial; i > 0; i--) edge_word = (edge_word << 8) + *src++; n--; } @@ -422,18 +425,18 @@ ocb_checksum_n (union nettle_block16 *checksum, s0 ^= ((const uint64_t *) src)[0]; s1 ^= ((const uint64_t *) src)[1]; } - if (offset > 0) + if (initial > 0) { unsigned i; uint64_t mask; s0 ^= ((const uint64_t *) src)[0]; - for (i = offset, src += 8; i > 0; i--) + for (i = 8 - initial, src += 8; i > 0; i--) edge_word = (edge_word << 8) + *src++; - /* Rotate [s0, s1] right 8 - offset bytes. */ - MEM_ROTATE_RIGHT(offset, s0, s1); + /* Rotate [s0, s1] right initial bytes. */ + MEM_ROTATE_RIGHT(initial, s0, s1); /* Add in the edge bytes. */ - mask = MEM_MASK(offset); + mask = MEM_MASK(initial); edge_word = bswap64_if_le (edge_word); s0 ^= (edge_word & mask); s1 ^= (edge_word & ~mask); |