author | Niels Möller <nisse@lysator.liu.se> | 2014-01-20 21:49:47 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2014-01-20 21:49:47 +0100 |
commit | dca9abf1c41fb1c0b51c75ca8decac4b27c26671 (patch) | |
tree | 8d83cb1447310bdbc82891432439478b75c784ed | |
parent | efdf4f4b86dc166ecd4fd0d2847eaf10202cee53 (diff) | |
download | nettle-dca9abf1c41fb1c0b51c75ca8decac4b27c26671.tar.gz |
poly1305_digest: Use union nettle_block16.
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | poly1305-aes.c | 11 | ||||
-rw-r--r-- | poly1305-internal.c | 21 | ||||
-rw-r--r-- | poly1305.h | 4 |
4 files changed, 24 insertions, 17 deletions
@@ -1,5 +1,10 @@
 2014-01-20  Niels Möller  <nisse@lysator.liu.se>
 
+	* poly1305-internal.c (poly1305_digest): Use union nettle_block16
+	for s argument.
+	* poly1305-aes.c (poly1305_aes_digest): Update for poly1305_digest
+	change.
+
 	Merged poly1305 changes (starting at 2013-11-08).
 	* x86_64/poly1305-internal.asm: Update to new interface.
 	poly1305_digest much simplified.
diff --git a/poly1305-aes.c b/poly1305-aes.c
index e4a6f748..baba4896 100644
--- a/poly1305-aes.c
+++ b/poly1305-aes.c
@@ -47,7 +47,8 @@ poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
 #define COMPRESS(ctx, data) _poly1305_block(&(ctx)->pctx, (data), 1)
 
 void
-poly1305_aes_update (struct poly1305_aes_ctx *ctx, size_t length, const uint8_t *data)
+poly1305_aes_update (struct poly1305_aes_ctx *ctx,
+		     size_t length, const uint8_t *data)
 {
   MD_UPDATE (ctx, length, data, COMPRESS, (void) 0);
 }
@@ -56,7 +57,7 @@ void
 poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
 		     size_t length, uint8_t *digest)
 {
-  uint8_t s[POLY1305_BLOCK_SIZE];
+  union nettle_block16 s;
 
   /* final bytes */
   if (ctx->index > 0)
@@ -68,10 +69,10 @@ poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
       _poly1305_block (&ctx->pctx, ctx->block, 0);
     }
 
-  aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s, ctx->nonce);
+  aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s.b, ctx->nonce);
 
-  poly1305_digest (&ctx->pctx, s);
-  memcpy (digest, s, length);
+  poly1305_digest (&ctx->pctx, &s);
+  memcpy (digest, s.b, length);
 
   INCREMENT (16, ctx->nonce);
   ctx->index = 0;
diff --git a/poly1305-internal.c b/poly1305-internal.c
index b33a3c9d..8c5a7496 100644
--- a/poly1305-internal.c
+++ b/poly1305-internal.c
@@ -86,7 +86,7 @@ poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[16])
 }
 
 void
-_poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16], unsigned t4)
+_poly1305_block (struct poly1305_ctx *ctx, const uint8_t *m, unsigned t4)
 {
   uint32_t t0,t1,t2,t3;
   uint32_t b;
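Review bot: `memcpy (digest, s.b, length)` copies `length` bytes out of `s`, which is now a 16-byte `union nettle_block16`, and nothing in this hunk bounds `length` to POLY1305_BLOCK_SIZE, so an over-long request reads past the end of `s` on the stack. A guard before the copy, `assert (length <= POLY1305_BLOCK_SIZE);`, would pin the contract, provided `<assert.h>` is available in this file (not visible here); otherwise an explicit bound check is needed at this point. After the copy `s.b` also still holds the full untruncated tag until the frame is reused, which is worth a one-line comment if the project ever decides to clear such temporaries. poly1305_aes_digest begins before this hunk and its closing brace lies after it.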
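Review bot: Dropping the array dimension from the `_poly1305_block` definition (`const uint8_t m[16]` to `const uint8_t *m`) removes the only visible statement that `m` must supply a full block; the prototype in the poly1305.h hunk does the same with `m[POLY1305_BLOCK_SIZE]`. Presumably the body reads a fixed 16 bytes from `m`, so that contract should move into the comment on the prototype, e.g. `/* Internal function. Process one block; m points to POLY1305_BLOCK_SIZE bytes. */`. The function body continues past the end of this hunk.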
@@ -121,7 +121,7 @@ _poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16], unsigned t4)
 
 /* Adds digest to the nonce */
 void
-poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s)
+poly1305_digest (struct poly1305_ctx *ctx, union nettle_block16 *s)
 {
   uint32_t b, nb;
   uint64_t f0,f1,f2,f3;
@@ -149,18 +149,19 @@ poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s)
   ctx->h3 = (ctx->h3 & nb) | (g3 & b);
   ctx->h4 = (ctx->h4 & nb) | (g4 & b);
 
-  f0 = ((ctx->h0 ) | (ctx->h1 << 26)) + (uint64_t)LE_READ_UINT32(s);
-  f1 = ((ctx->h1 >> 6) | (ctx->h2 << 20)) + (uint64_t)LE_READ_UINT32(s+4);
-  f2 = ((ctx->h2 >> 12) | (ctx->h3 << 14)) + (uint64_t)LE_READ_UINT32(s+8);
-  f3 = ((ctx->h3 >> 18) | (ctx->h4 << 8)) + (uint64_t)LE_READ_UINT32(s+12);
+  /* FIXME: Take advantage of s being aligned as an unsigned long. */
+  f0 = ((ctx->h0 )|(ctx->h1<<26)) + (uint64_t)LE_READ_UINT32(s->b);
+  f1 = ((ctx->h1>> 6)|(ctx->h2<<20)) + (uint64_t)LE_READ_UINT32(s->b+4);
+  f2 = ((ctx->h2>>12)|(ctx->h3<<14)) + (uint64_t)LE_READ_UINT32(s->b+8);
+  f3 = ((ctx->h3>>18)|(ctx->h4<< 8)) + (uint64_t)LE_READ_UINT32(s->b+12);
 
-  LE_WRITE_UINT32(s, f0);
+  LE_WRITE_UINT32(s->b, f0);
   f1 += (f0 >> 32);
-  LE_WRITE_UINT32(s+4, f1);
+  LE_WRITE_UINT32(s->b+4, f1);
   f2 += (f1 >> 32);
-  LE_WRITE_UINT32(s+8, f2);
+  LE_WRITE_UINT32(s->b+8, f2);
   f3 += (f2 >> 32);
-  LE_WRITE_UINT32(s+12, f3);
+  LE_WRITE_UINT32(s->b+12, f3);
 
   ctx->h0 = 0;
   ctx->h1 = 0;
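Review bot: The new FIXME above the f0 line invites replacing the LE_READ_UINT32/LE_WRITE_UINT32 calls on `s->b` with direct word access through the union, but the tag these lines assemble is a little-endian byte string, so any such shortcut must keep that layout on big-endian hosts as well. Spelling that out would stop a later optimisation from silently changing the output: `/* FIXME: Take advantage of s being aligned as an unsigned long; word access must still yield the little-endian layout LE_WRITE_UINT32 produces on every host. */`. The reads and writes at `s->b+12` stay within the 16 bytes of the union, so the pointer change itself is sound. poly1305_digest begins before this hunk and continues past it.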
@@ -71,9 +71,9 @@ struct poly1305_ctx {
 /* Low-level internal interface. */
 void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[POLY1305_KEY_SIZE]);
 /* Extracts digest, and adds it to s, the encrypted nonce. */
-void poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s);
+void poly1305_digest (struct poly1305_ctx *ctx, union nettle_block16 *s);
 /* Internal function. Process one block. */
-void _poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[POLY1305_BLOCK_SIZE],
+void _poly1305_block (struct poly1305_ctx *ctx, const uint8_t *m,
 		      unsigned high);
 
 /* poly1305-aes */