Commit a33775b0 authored by Niels Möller's avatar Niels Möller

Deleted some obscuring macros.

parent 2e589356
2012-03-31 Niels Möller <nisse@lysator.liu.se>
* salsa20.c (ROTL32): Deleted macro, use the one from macros.h
instead, with reversed order of arguments.
(ROTATE, XOR, PLUS, PLUSONE): Deleted macros, use ROTL32 and
builtin operators directly.
Unification of rotation macros.
* macros.h (ROTL32): New macro, to replace (almost) all other
rotation macros.
......
......@@ -37,11 +37,11 @@
#include "salsa20.h"
#define ROTL32(x,n) ((((x))<<(n)) | (((x))>>(32-(n))))
#include "macros.h"
#define SWAP32(v) \
((ROTL32(v, 8) & 0x00FF00FFUL) | \
(ROTL32(v, 24) & 0xFF00FF00UL))
((ROTL32(8, v) & 0x00FF00FFUL) | \
(ROTL32(24, v) & 0xFF00FF00UL))
#ifdef WORDS_BIGENDIAN
#define U32TO32_LITTLE(v) SWAP32(v)
......@@ -52,17 +52,6 @@
#define U8TO32_LITTLE(p) U32TO32_LITTLE(((uint32_t*)(p))[0])
#define U32TO8_LITTLE(p, v) (((uint32_t*)(p))[0] = U32TO32_LITTLE(v))
/*
salsa20-ref.c version 20051118
D. J. Bernstein
Public domain.
*/
#define ROTATE(v,c) (ROTL32(v,c))
#define XOR(v,w) ((v) ^ (w))
#define PLUS(v,w) ((v) + (w))
#define PLUSONE(v) (PLUS((v),1))
static void salsa20_wordtobyte(uint8_t output[64],const uint32_t input[16])
{
uint32_t x[16];
......@@ -70,40 +59,40 @@ static void salsa20_wordtobyte(uint8_t output[64],const uint32_t input[16])
for (i = 0;i < 16;++i) x[i] = input[i];
for (i = 20;i > 0;i -= 2) {
x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 0],x[12]), 7));
x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[ 4],x[ 0]), 9));
x[12] = XOR(x[12],ROTATE(PLUS(x[ 8],x[ 4]),13));
x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[12],x[ 8]),18));
x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 5],x[ 1]), 7));
x[13] = XOR(x[13],ROTATE(PLUS(x[ 9],x[ 5]), 9));
x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[13],x[ 9]),13));
x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 1],x[13]),18));
x[14] = XOR(x[14],ROTATE(PLUS(x[10],x[ 6]), 7));
x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[14],x[10]), 9));
x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 2],x[14]),13));
x[10] = XOR(x[10],ROTATE(PLUS(x[ 6],x[ 2]),18));
x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[15],x[11]), 7));
x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 3],x[15]), 9));
x[11] = XOR(x[11],ROTATE(PLUS(x[ 7],x[ 3]),13));
x[15] = XOR(x[15],ROTATE(PLUS(x[11],x[ 7]),18));
x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[ 0],x[ 3]), 7));
x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[ 1],x[ 0]), 9));
x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[ 2],x[ 1]),13));
x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[ 3],x[ 2]),18));
x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 5],x[ 4]), 7));
x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 6],x[ 5]), 9));
x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 7],x[ 6]),13));
x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 4],x[ 7]),18));
x[11] = XOR(x[11],ROTATE(PLUS(x[10],x[ 9]), 7));
x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[11],x[10]), 9));
x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 8],x[11]),13));
x[10] = XOR(x[10],ROTATE(PLUS(x[ 9],x[ 8]),18));
x[12] = XOR(x[12],ROTATE(PLUS(x[15],x[14]), 7));
x[13] = XOR(x[13],ROTATE(PLUS(x[12],x[15]), 9));
x[14] = XOR(x[14],ROTATE(PLUS(x[13],x[12]),13));
x[15] = XOR(x[15],ROTATE(PLUS(x[14],x[13]),18));
x[ 4] ^= ROTL32( 7, x[ 0] + x[12]);
x[ 8] ^= ROTL32( 9, x[ 4] + x[ 0]);
x[12] ^= ROTL32(13, x[ 8] + x[ 4]);
x[ 0] ^= ROTL32(18, x[12] + x[ 8]);
x[ 9] ^= ROTL32( 7, x[ 5] + x[ 1]);
x[13] ^= ROTL32( 9, x[ 9] + x[ 5]);
x[ 1] ^= ROTL32(13, x[13] + x[ 9]);
x[ 5] ^= ROTL32(18, x[ 1] + x[13]);
x[14] ^= ROTL32( 7, x[10] + x[ 6]);
x[ 2] ^= ROTL32( 9, x[14] + x[10]);
x[ 6] ^= ROTL32(13, x[ 2] + x[14]);
x[10] ^= ROTL32(18, x[ 6] + x[ 2]);
x[ 3] ^= ROTL32( 7, x[15] + x[11]);
x[ 7] ^= ROTL32( 9, x[ 3] + x[15]);
x[11] ^= ROTL32(13, x[ 7] + x[ 3]);
x[15] ^= ROTL32(18, x[11] + x[ 7]);
x[ 1] ^= ROTL32( 7, x[ 0] + x[ 3]);
x[ 2] ^= ROTL32( 9, x[ 1] + x[ 0]);
x[ 3] ^= ROTL32(13, x[ 2] + x[ 1]);
x[ 0] ^= ROTL32(18, x[ 3] + x[ 2]);
x[ 6] ^= ROTL32( 7, x[ 5] + x[ 4]);
x[ 7] ^= ROTL32( 9, x[ 6] + x[ 5]);
x[ 4] ^= ROTL32(13, x[ 7] + x[ 6]);
x[ 5] ^= ROTL32(18, x[ 4] + x[ 7]);
x[11] ^= ROTL32( 7, x[10] + x[ 9]);
x[ 8] ^= ROTL32( 9, x[11] + x[10]);
x[ 9] ^= ROTL32(13, x[ 8] + x[11]);
x[10] ^= ROTL32(18, x[ 9] + x[ 8]);
x[12] ^= ROTL32( 7, x[15] + x[14]);
x[13] ^= ROTL32( 9, x[12] + x[15]);
x[14] ^= ROTL32(13, x[13] + x[12]);
x[15] ^= ROTL32(18, x[14] + x[13]);
}
for (i = 0;i < 16;++i) x[i] = PLUS(x[i],input[i]);
for (i = 0;i < 16;++i) x[i] = x[i] + input[i];
for (i = 0;i < 16;++i) U32TO8_LITTLE(output + 4 * i,x[i]);
}
......@@ -161,9 +150,9 @@ salsa20_crypt(struct salsa20_ctx *ctx,
if (!length) return;
for (;;) {
salsa20_wordtobyte(output,ctx->input);
ctx->input[8] = PLUSONE(ctx->input[8]);
ctx->input[8]++;
if (!ctx->input[8]) {
ctx->input[9] = PLUSONE(ctx->input[9]);
ctx->input[9]++;
/* stopping at 2^70 length per nonce is user's responsibility */
}
if (length <= 64) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment