Commit 7aa7ae63 authored by Niels Möller's avatar Niels Möller

Merge branch 'block16-refactor' into master-updates

parents 41b6e728 e3cfe987
2019-07-08 Niels Möller <nisse@lysator.liu.se>
* nettle-types.h (union nettle_block16): Mark w member as deprecated.
* eax.c (block16_xor): Use uint64_t member of nettle_block16.
* gcm.c (gcm_gf_add, gcm_gf_shift, gcm_gf_shift_8): Likewise.
2019-07-10 Niels Möller <nisse@lysator.liu.se> 2019-07-10 Niels Möller <nisse@lysator.liu.se>
From Dmitry Eremin-Solenikov: From Dmitry Eremin-Solenikov:
......
...@@ -54,12 +54,8 @@ omac_init (union nettle_block16 *state, unsigned t) ...@@ -54,12 +54,8 @@ omac_init (union nettle_block16 *state, unsigned t)
static void static void
block16_xor (union nettle_block16 *dst, const union nettle_block16 *src) block16_xor (union nettle_block16 *dst, const union nettle_block16 *src)
{ {
dst->w[0] ^= src->w[0]; dst->u64[0] ^= src->u64[0];
dst->w[1] ^= src->w[1]; dst->u64[1] ^= src->u64[1];
#if SIZEOF_LONG == 4
dst->w[2] ^= src->w[2];
dst->w[3] ^= src->w[3];
#endif
} }
static void static void
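Review bot: block16_xor in eax.c now has the same two-word `u64` XOR body that gcm_gf_add gets in gcm.c, so the commit leaves two file-local copies of one operation on union nettle_block16. Consider a single `static inline` helper in a shared internal header, used by both files, so that a later change to the block representation is made in one place. The function is complete within this hunk, and the suggestion does not change behaviour.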
......
...@@ -60,12 +60,8 @@ static void ...@@ -60,12 +60,8 @@ static void
gcm_gf_add (union nettle_block16 *r, gcm_gf_add (union nettle_block16 *r,
const union nettle_block16 *x, const union nettle_block16 *y) const union nettle_block16 *x, const union nettle_block16 *y)
{ {
r->w[0] = x->w[0] ^ y->w[0]; r->u64[0] = x->u64[0] ^ y->u64[0];
r->w[1] = x->w[1] ^ y->w[1]; r->u64[1] = x->u64[1] ^ y->u64[1];
#if SIZEOF_LONG == 4
r->w[2] = x->w[2] ^ y->w[2];
r->w[3] = x->w[3] ^ y->w[3];
#endif
} }
/* Multiplication by 010...0; a big-endian shift right. If the bit /* Multiplication by 010...0; a big-endian shift right. If the bit
shifted out is one, the defining polynomial is added to cancel it shifted out is one, the defining polynomial is added to cancel it
...@@ -73,43 +69,20 @@ gcm_gf_add (union nettle_block16 *r, ...@@ -73,43 +69,20 @@ gcm_gf_add (union nettle_block16 *r,
static void static void
gcm_gf_shift (union nettle_block16 *r, const union nettle_block16 *x) gcm_gf_shift (union nettle_block16 *r, const union nettle_block16 *x)
{ {
long mask; uint64_t mask;
/* Shift uses big-endian representation. */ /* Shift uses big-endian representation. */
#if WORDS_BIGENDIAN #if WORDS_BIGENDIAN
# if SIZEOF_LONG == 4 mask = - (x->u64[1] & 1);
mask = - (x->w[3] & 1); r->u64[1] = (x->u64[1] >> 1) | ((x->u64[0] & 1) << 63);
r->w[3] = (x->w[3] >> 1) | ((x->w[2] & 1) << 31); r->u64[0] = (x->u64[0] >> 1) ^ (mask & ((uint64_t) GHASH_POLYNOMIAL << 56));
r->w[2] = (x->w[2] >> 1) | ((x->w[1] & 1) << 31);
r->w[1] = (x->w[1] >> 1) | ((x->w[0] & 1) << 31);
r->w[0] = (x->w[0] >> 1) ^ (mask & (GHASH_POLYNOMIAL << 24));
# elif SIZEOF_LONG == 8
mask = - (x->w[1] & 1);
r->w[1] = (x->w[1] >> 1) | ((x->w[0] & 1) << 63);
r->w[0] = (x->w[0] >> 1) ^ (mask & (GHASH_POLYNOMIAL << 56));
# else
# error Unsupported word size. */
#endif
#else /* ! WORDS_BIGENDIAN */ #else /* ! WORDS_BIGENDIAN */
# if SIZEOF_LONG == 4
#define RSHIFT_WORD(x) \
((((x) & 0xfefefefeUL) >> 1) \
| (((x) & 0x00010101) << 15))
mask = - ((x->w[3] >> 24) & 1);
r->w[3] = RSHIFT_WORD(x->w[3]) | ((x->w[2] >> 17) & 0x80);
r->w[2] = RSHIFT_WORD(x->w[2]) | ((x->w[1] >> 17) & 0x80);
r->w[1] = RSHIFT_WORD(x->w[1]) | ((x->w[0] >> 17) & 0x80);
r->w[0] = RSHIFT_WORD(x->w[0]) ^ (mask & GHASH_POLYNOMIAL);
# elif SIZEOF_LONG == 8
#define RSHIFT_WORD(x) \ #define RSHIFT_WORD(x) \
((((x) & 0xfefefefefefefefeUL) >> 1) \ ((((x) & 0xfefefefefefefefeUL) >> 1) \
| (((x) & 0x0001010101010101UL) << 15)) | (((x) & 0x0001010101010101UL) << 15))
mask = - ((x->w[1] >> 56) & 1); mask = - ((x->u64[1] >> 56) & 1);
r->w[1] = RSHIFT_WORD(x->w[1]) | ((x->w[0] >> 49) & 0x80); r->u64[1] = RSHIFT_WORD(x->u64[1]) | ((x->u64[0] >> 49) & 0x80);
r->w[0] = RSHIFT_WORD(x->w[0]) ^ (mask & GHASH_POLYNOMIAL); r->u64[0] = RSHIFT_WORD(x->u64[0]) ^ (mask & GHASH_POLYNOMIAL);
# else
# error Unsupported word size. */
# endif
# undef RSHIFT_WORD # undef RSHIFT_WORD
#endif /* ! WORDS_BIGENDIAN */ #endif /* ! WORDS_BIGENDIAN */
} }
...@@ -268,38 +241,17 @@ shift_table[0x100] = { ...@@ -268,38 +241,17 @@ shift_table[0x100] = {
static void static void
gcm_gf_shift_8(union nettle_block16 *x) gcm_gf_shift_8(union nettle_block16 *x)
{ {
unsigned long *w = x->w; uint64_t reduce;
unsigned long reduce;
/* Shift uses big-endian representation. */ /* Shift uses big-endian representation. */
#if WORDS_BIGENDIAN #if WORDS_BIGENDIAN
# if SIZEOF_LONG == 4 reduce = shift_table[x->u64[1] & 0xff];
reduce = shift_table[w[3] & 0xff]; x->u64[1] = (x->u64[1] >> 8) | ((x->u64[0] & 0xff) << 56);
w[3] = (w[3] >> 8) | ((w[2] & 0xff) << 24); x->u64[0] = (x->u64[0] >> 8) ^ (reduce << 48);
w[2] = (w[2] >> 8) | ((w[1] & 0xff) << 24);
w[1] = (w[1] >> 8) | ((w[0] & 0xff) << 24);
w[0] = (w[0] >> 8) ^ (reduce << 16);
# elif SIZEOF_LONG == 8
reduce = shift_table[w[1] & 0xff];
w[1] = (w[1] >> 8) | ((w[0] & 0xff) << 56);
w[0] = (w[0] >> 8) ^ (reduce << 48);
# else
# error Unsupported word size. */
#endif
#else /* ! WORDS_BIGENDIAN */ #else /* ! WORDS_BIGENDIAN */
# if SIZEOF_LONG == 4 reduce = shift_table[(x->u64[1] >> 56) & 0xff];
reduce = shift_table[(w[3] >> 24) & 0xff]; x->u64[1] = (x->u64[1] << 8) | (x->u64[0] >> 56);
w[3] = (w[3] << 8) | (w[2] >> 24); x->u64[0] = (x->u64[0] << 8) ^ reduce;
w[2] = (w[2] << 8) | (w[1] >> 24);
w[1] = (w[1] << 8) | (w[0] >> 24);
w[0] = (w[0] << 8) ^ reduce;
# elif SIZEOF_LONG == 8
reduce = shift_table[(w[1] >> 56) & 0xff];
w[1] = (w[1] << 8) | (w[0] >> 56);
w[0] = (w[0] << 8) ^ reduce;
# else
# error Unsupported word size. */
# endif
#endif /* ! WORDS_BIGENDIAN */ #endif /* ! WORDS_BIGENDIAN */
} }
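Review bot: In the little-endian branch of gcm_gf_shift, RSHIFT_WORD keeps the `UL`-suffixed masks `0xfefefefefefefefeUL` and `0x0001010101010101UL`, which used to sit under `SIZEOF_LONG == 8` and are now compiled for every word size. Where long is 32 bits this relies on the C99 rule that widens an oversized constant to unsigned long long, and a pre-C99 or strict compiler may warn about it. Since the operands are now uint64_t, write the masks as `UINT64_C(0xfefefefefefefefe)` and `UINT64_C(0x0001010101010101)`. The big-endian branch already gained an explicit `(uint64_t)` cast on GHASH_POLYNOMIAL, so this would make the two branches consistent.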
......
...@@ -61,7 +61,7 @@ extern "C" { ...@@ -61,7 +61,7 @@ extern "C" {
union nettle_block16 union nettle_block16
{ {
uint8_t b[16]; uint8_t b[16];
unsigned long w[16 / sizeof(unsigned long)]; unsigned long w[16 / sizeof(unsigned long)] _NETTLE_ATTRIBUTE_DEPRECATED;
uint64_t u64[2]; uint64_t u64[2];
}; };
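Review bot: The deprecated `w` member of union nettle_block16 has no comment telling users of this public header what to use instead or why. Add a line above it such as `/* Deprecated: element count depends on sizeof(unsigned long); use u64 instead. */`. The member is still declared, so the union's size and layout appear unchanged. How `_NETTLE_ATTRIBUTE_DEPRECATED` expands on compilers without the attribute is not visible in this hunk and is worth confirming.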
......