From 4edada8a8d7cee59e673fb11d80c8db7a6d27f61 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Wed, 12 Oct 2016 15:29:36 +0200
Subject: [PATCH] New function _skein256_expand.

---
 ChangeLog                 |  6 ++++++
 skein.h                   |  5 +++++
 skein256.c                | 24 ++++++++++++++++--------
 testsuite/skein256-test.c | 14 +++-----------
 4 files changed, 30 insertions(+), 19 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 67acb06a..7cdde45d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2016-10-12  Niels Möller  <nisse@lysator.liu.se>
+
+	* skein256.c (_skein256_expand): New function.
+	(skein256_process_block): Use it.
+	* testsuite/skein256-test.c (test_skein256_block): Use it.
+
 2016-10-10  Niels Möller  <nisse@lysator.liu.se>
 
 	* skein.h (struct skein256_ctx): New context struct.
diff --git a/skein.h b/skein.h
index da795d41..a5d09de1 100644
--- a/skein.h
+++ b/skein.h
@@ -44,6 +44,7 @@ extern "C" {
 #define skein256_init nettle_skein256_init
 #define skein256_update nettle_skein256_update
 #define skein256_digest nettle_skein256_digest
+#define _skein256_expand _nettle_skein256_expand
 #define _skein256_block _nettle_skein256_block
 
 #define SKEIN256_BLOCK_SIZE 32
@@ -79,6 +80,10 @@ skein256_digest(struct skein256_ctx *ctx,
 
 #define _SKEIN_C240 0x1BD11BDAA9FC1A22ULL
 
+void
+_skein256_expand(uint64_t keys[_SKEIN256_NKEYS],
+		 uint64_t tweak[_SKEIN_NTWEAK]);
+
 void
 _skein256_block (uint64_t dst[_SKEIN256_LENGTH],
 		 const uint64_t keys[_SKEIN256_NKEYS],
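Review bot: The new `_skein256_expand` prototype has no comment saying which array elements are inputs and which are written, and both parameters are non-const, so the signature alone does not tell a caller. Going by the definition added to skein256.c in this same patch, it reads the first `_SKEIN256_LENGTH` key words plus `tweak[0]` and `tweak[1]`, and writes `keys[_SKEIN256_LENGTH]` and `tweak[2]`. I would add above the declaration something like `/* Fills in keys[_SKEIN256_LENGTH] and tweak[2] from the other elements, which are inputs. */`. The `_skein256_block` declaration that follows continues past the end of this hunk.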
diff --git a/skein256.c b/skein256.c
index 8e3f3a9e..703182a9 100644
--- a/skein256.c
+++ b/skein256.c
@@ -138,6 +138,19 @@ _skein256_block (uint64_t dst[_SKEIN256_LENGTH],
   dst[3] = s3 ^ w3;
 }
 
+void
+_skein256_expand(uint64_t keys[_SKEIN256_NKEYS],
+		 uint64_t tweak[_SKEIN_NTWEAK])
+{
+  uint64_t sum;
+  unsigned i;
+
+  for (i = 0, sum = _SKEIN_C240; i < _SKEIN256_LENGTH; i++)
+    sum ^= keys[i];
+  keys[_SKEIN256_LENGTH] = sum;
+  tweak[2] = tweak[0] ^ tweak[1];
+}
+
 void
 skein256_init(struct skein256_ctx *ctx)
 {
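Review bot: `_skein256_expand` loops up to `_SKEIN256_LENGTH` and then stores to `keys[_SKEIN256_LENGTH]`, so it is only in bounds if `_SKEIN256_NKEYS` is at least `_SKEIN256_LENGTH + 1`. The array sizes in the parameter list are not enforced by the compiler, and the definitions of both constants are outside this patch. Now that the helper is a separate symbol taking caller-owned arrays instead of working on `ctx->state` in place, I would state the requirement at the definition, e.g. `/* keys must hold _SKEIN256_NKEYS words; the last one is overwritten with the parity word. */`. The same applies to `tweak[2]` and `_SKEIN_NTWEAK`.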
@@ -158,19 +171,14 @@ skein256_process_block(struct skein256_ctx *ctx,
 		       const uint8_t *data)
 {
   /* Expand key */
-  uint64_t tweak[3];
-  uint64_t sum;
-  unsigned i;
-
-  for (i = 0, sum = _SKEIN_C240; i < _SKEIN256_LENGTH; i++)
-    sum ^= ctx->state[i];
-  ctx->state[_SKEIN256_LENGTH] = sum;
+  uint64_t tweak[_SKEIN_NTWEAK];
 
   tag |= ((ctx->count == 0) << 6);
 
   tweak[0] = (ctx->count << 5) + length;
   tweak[1] = (ctx->count >> 59) | ((unsigned long long) tag << 56);
-  tweak[2] = tweak[0] ^ tweak[1];
+  _skein256_expand(ctx->state, tweak);
+
   _skein256_block(ctx->state, ctx->state, tweak, data);
 
   ctx->count++;
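Review bot: The `/* Expand key */` comment is left above the `tweak` declaration, while the expansion now happens in the `_skein256_expand(ctx->state, tweak);` call several lines further down. I would move the comment to the call and say what it modifies, e.g. `/* Expand key: sets ctx->state[_SKEIN256_LENGTH] and tweak[2] */`, because the write into `ctx->state` is no longer visible in this function. The call also relies on `ctx->state` having `_SKEIN256_NKEYS` elements, which presumably holds from the struct in skein.h but is not shown in this patch. skein256_process_block starts before this hunk and continues after it.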
diff --git a/testsuite/skein256-test.c b/testsuite/skein256-test.c
index b36c2086..2613d9ba 100644
--- a/testsuite/skein256-test.c
+++ b/testsuite/skein256-test.c
@@ -22,18 +22,10 @@ test_skein256_block (const uint64_t keys[4],
   uint64_t keys_expanded[_SKEIN256_NKEYS];
   uint64_t tweak_expanded[_SKEIN_NTWEAK];
   uint64_t output[_SKEIN256_LENGTH];
-  uint64_t sum;
-  unsigned i;
-  for (i = 0, sum = _SKEIN_C240; i < _SKEIN256_LENGTH; i++)
-    {
-      keys_expanded[i] = keys[i];
-      sum ^= keys[i];
-    }
-  keys_expanded[_SKEIN256_LENGTH] = sum;
-  tweak_expanded[0] = tweak[0];
-  tweak_expanded[1] = tweak[1];
-  tweak_expanded[2] = tweak[0] ^ tweak[1];
 
+  memcpy (keys_expanded, keys, _SKEIN256_LENGTH * sizeof(*keys));
+  memcpy (tweak_expanded, tweak, 2*sizeof(*tweak));
+  _skein256_expand (keys_expanded, tweak_expanded);
   _skein256_block(output, keys_expanded, tweak_expanded, msg);
   if (memcmp (output, ref, sizeof(output)) != 0)
     {
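Review bot: The tweak copy uses a bare `2` for the number of caller-supplied words, in `memcpy (tweak_expanded, tweak, 2*sizeof(*tweak));`, whereas the key copy on the line before is sized with `_SKEIN256_LENGTH`. A short comment such as `/* Two tweak words are inputs; _skein256_expand computes the third. */` would explain the count and why `tweak_expanded[2]` is left uninitialised before the call. The key copy reads `_SKEIN256_LENGTH` words from a parameter declared `keys[4]`, so it is worth confirming the two agree. test_skein256_block starts before this hunk and continues past it.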
-- 
GitLab