Define endian-dependent macros.

author: Niels Möller <nisse@lysator.liu.se> 2023-02-01 16:39:02 +0100
committer: Niels Möller <nisse@lysator.liu.se> 2023-02-06 20:27:58 +0100
commit: ecc1e196c454c13701a8b000a8f475da6ea4a254 (patch)
tree: 1e0c3eaf7def2a978780838645d674bd1663e793
parent: b8319e28a49434e12844c7842fb90d3ad5b273fd (diff)
download: nettle-ecc1e196c454c13701a8b000a8f475da6ea4a254.tar.gz
2 files changed, 31 insertions, 17 deletions
diff --git a/ChangeLog b/ChangeLog
index 9758a245..353a5590 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,7 +6,7 @@
 
 2023-02-01  Niels Möller  <nisse@lysator.liu.se>
 	* ocb.c (ocb_checksum_n): Implement using 64-bit aligned
-	operations, with special logic to handle edge bytes.
+o	operations, with special logic to handle edge bytes.
 
 2023-01-25  Niels Möller  <nisse@lysator.liu.se>
 
diff --git a/ocb.c b/ocb.c
index 8ca45ce9..d53380f8 100644
--- a/ocb.c
+++ b/ocb.c
@@ -369,7 +369,30 @@ ocb_crypt_n_4way (struct ocb_ctx *ctx, const struct ocb_key *key,
 }
 #endif
 
+/* Rotate bytes (8-c) positions to the right, in memory order. */
+#if WORDS_BIGENDIAN
+# define MEM_ROTATE_RIGHT(c, s0, s1) do {				\
+    uint64_t __rotate_t = ((s0) >> (64-8*(c))) | ((s1) << (8*(c)));	\
+    (s1) = ((s1) >> (64-8*(c))) | ((s0) << (8*(c)));			\
+    (s0) = __rotate_t;							\
+  } while (0)
+#else
+# define MEM_ROTATE_RIGHT(c, s0, s1) do {				\
+    uint64_t __rotate_t = ((s0) << (64-8*(c))) | ((s1) >> (8*(c)));	\
+    (s1) = ((s1) << (64-8*(c))) | ((s0) >> (8*(c)));			\
+    (s0) = __rotate_t;							\
+  } while (0)
+#endif
+
+/* Mask for the first c bytes in memory */
+#if WORDS_BIGENDIAN
+# define MEM_MASK(c) (-((uint64_t) 1 << 8*(c)))
+#else
+# define MEM_MASK(c) (((uint64_t) 1 << (64-8*(c))) - 1)
+#endif
+
 /* Checksum of n complete blocks. */
+
 static void
 ocb_checksum_n (union nettle_block16 *checksum,
 		size_t n, const uint8_t *src)
@@ -402,27 +425,18 @@ ocb_checksum_n (union nettle_block16 *checksum,
   if (offset > 0)
     {
       unsigned i;
-      uint64_t t, mask;
+      uint64_t mask;
       s0 ^= ((const uint64_t *) src)[0];
       for (i = offset, src += 8; i > 0; i--)
 	edge_word = (edge_word << 8) + *src++;
 
-#if WORDS_BIGENDIAN
-      mask = ((uint64_t) 1 << 8*offset) - 1;
-      /* Rotate [s0, s1] right 64 - 8*offset bits */
-      t = (s0 >> (64-8*offset)) | (s1 << (8*offset));
-      s1 = (s1 >> (64-8*offset)) | (s0 << (8*offset));
-      s0 = t ^ (edge_word & ~mask);
-      s1 ^= (edge_word & mask);
-#else
-      mask = ((uint64_t) 1 << (64-8*offset)) - 1;
-      edge_word = nettle_bswap64 (edge_word);
-      /* Rotate [s0, s1] left 64 - 8*offset bits */
-      t = (s0 << (64-8*offset)) | (s1 >> (8*offset));
-      s1 = (s1 << (64-8*offset)) | (s0 >> (8*offset));
-      s0 = t ^ (edge_word & mask);
+      /* Rotate [s0, s1] right 8 - offset bytes. */
+      MEM_ROTATE_RIGHT(offset, s0, s1);
+      /* Add in the edge bytes.  */
+      mask = MEM_MASK(offset);
+      edge_word = bswap64_if_le (edge_word);
+      s0 ^= (edge_word & mask);
       s1 ^= (edge_word & ~mask);
-#endif
     }
   checksum->u64[0] ^= s0;
   checksum->u64[1] ^= s1;
author	Niels Möller <nisse@lysator.liu.se>	2023-02-01 16:39:02 +0100
committer	Niels Möller <nisse@lysator.liu.se>	2023-02-06 20:27:58 +0100
commit	ecc1e196c454c13701a8b000a8f475da6ea4a254 (patch)
tree	1e0c3eaf7def2a978780838645d674bd1663e793
parent	b8319e28a49434e12844c7842fb90d3ad5b273fd (diff)
download	nettle-ecc1e196c454c13701a8b000a8f475da6ea4a254.tar.gz