Commit dca9abf1 authored by Niels Möller

poly1305_digest: Use union nettle_block16.

parent efdf4f4b
2014-01-20 Niels Möller <nisse@lysator.liu.se> 2014-01-20 Niels Möller <nisse@lysator.liu.se>
* poly1305-internal.c (poly1305_digest): Use union nettle_block16
for s argument.
* poly1305-aes.c (poly1305_aes_digest): Update for poly1305_digest
change.
Merged poly1305 changes (starting at 2013-11-08). Merged poly1305 changes (starting at 2013-11-08).
* x86_64/poly1305-internal.asm: Update to new interface. * x86_64/poly1305-internal.asm: Update to new interface.
poly1305_digest much simplified. poly1305_digest much simplified.
...@@ -47,7 +47,8 @@ poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx, ...@@ -47,7 +47,8 @@ poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
#define COMPRESS(ctx, data) _poly1305_block(&(ctx)->pctx, (data), 1) #define COMPRESS(ctx, data) _poly1305_block(&(ctx)->pctx, (data), 1)
void void
poly1305_aes_update (struct poly1305_aes_ctx *ctx, size_t length, const uint8_t *data) poly1305_aes_update (struct poly1305_aes_ctx *ctx,
size_t length, const uint8_t *data)
{ {
MD_UPDATE (ctx, length, data, COMPRESS, (void) 0); MD_UPDATE (ctx, length, data, COMPRESS, (void) 0);
} }
...@@ -56,7 +57,7 @@ void ...@@ -56,7 +57,7 @@ void
poly1305_aes_digest (struct poly1305_aes_ctx *ctx, poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
size_t length, uint8_t *digest) size_t length, uint8_t *digest)
{ {
uint8_t s[POLY1305_BLOCK_SIZE]; union nettle_block16 s;
/* final bytes */ /* final bytes */
if (ctx->index > 0) if (ctx->index > 0)
{ {
...@@ -68,10 +69,10 @@ poly1305_aes_digest (struct poly1305_aes_ctx *ctx, ...@@ -68,10 +69,10 @@ poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
_poly1305_block (&ctx->pctx, ctx->block, 0); _poly1305_block (&ctx->pctx, ctx->block, 0);
} }
aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s, ctx->nonce); aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s.b, ctx->nonce);
poly1305_digest (&ctx->pctx, s); poly1305_digest (&ctx->pctx, &s);
memcpy (digest, s, length); memcpy (digest, s.b, length);
INCREMENT (16, ctx->nonce); INCREMENT (16, ctx->nonce);
ctx->index = 0; ctx->index = 0;
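Review bot: `memcpy (digest, s.b, length);` copies a caller-supplied `length` out of the 16-byte `s.b` with no bound, so any `length` larger than POLY1305_BLOCK_SIZE reads past the union on the stack; the old `uint8_t s[POLY1305_BLOCK_SIZE]` had the same exposure and the commit does not address it. If this file follows the pattern of the other nettle `*_digest` functions, the fix is a one-line guard before the copy, `assert (length <= POLY1305_BLOCK_SIZE);` (I cannot see from this hunk whether `<assert.h>` is already included). The tail of poly1305_aes_digest is outside the hunk.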
...@@ -86,7 +86,7 @@ poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[16]) ...@@ -86,7 +86,7 @@ poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[16])
} }
void void
_poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16], unsigned t4) _poly1305_block (struct poly1305_ctx *ctx, const uint8_t *m, unsigned t4)
{ {
uint32_t t0,t1,t2,t3; uint32_t t0,t1,t2,t3;
uint32_t b; uint32_t b;
...@@ -121,7 +121,7 @@ _poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16], unsigned t4) ...@@ -121,7 +121,7 @@ _poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16], unsigned t4)
/* Adds digest to the nonce */ /* Adds digest to the nonce */
void void
poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s) poly1305_digest (struct poly1305_ctx *ctx, union nettle_block16 *s)
{ {
uint32_t b, nb; uint32_t b, nb;
uint64_t f0,f1,f2,f3; uint64_t f0,f1,f2,f3;
...@@ -149,18 +149,19 @@ poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s) ...@@ -149,18 +149,19 @@ poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s)
ctx->h3 = (ctx->h3 & nb) | (g3 & b); ctx->h3 = (ctx->h3 & nb) | (g3 & b);
ctx->h4 = (ctx->h4 & nb) | (g4 & b); ctx->h4 = (ctx->h4 & nb) | (g4 & b);
f0 = ((ctx->h0 ) | (ctx->h1 << 26)) + (uint64_t)LE_READ_UINT32(s); /* FIXME: Take advantage of s being aligned as an unsigned long. */
f1 = ((ctx->h1 >> 6) | (ctx->h2 << 20)) + (uint64_t)LE_READ_UINT32(s+4); f0 = ((ctx->h0 )|(ctx->h1<<26)) + (uint64_t)LE_READ_UINT32(s->b);
f2 = ((ctx->h2 >> 12) | (ctx->h3 << 14)) + (uint64_t)LE_READ_UINT32(s+8); f1 = ((ctx->h1>> 6)|(ctx->h2<<20)) + (uint64_t)LE_READ_UINT32(s->b+4);
f3 = ((ctx->h3 >> 18) | (ctx->h4 << 8)) + (uint64_t)LE_READ_UINT32(s+12); f2 = ((ctx->h2>>12)|(ctx->h3<<14)) + (uint64_t)LE_READ_UINT32(s->b+8);
f3 = ((ctx->h3>>18)|(ctx->h4<< 8)) + (uint64_t)LE_READ_UINT32(s->b+12);
LE_WRITE_UINT32(s, f0); LE_WRITE_UINT32(s->b, f0);
f1 += (f0 >> 32); f1 += (f0 >> 32);
LE_WRITE_UINT32(s+4, f1); LE_WRITE_UINT32(s->b+4, f1);
f2 += (f1 >> 32); f2 += (f1 >> 32);
LE_WRITE_UINT32(s+8, f2); LE_WRITE_UINT32(s->b+8, f2);
f3 += (f2 >> 32); f3 += (f2 >> 32);
LE_WRITE_UINT32(s+12, f3); LE_WRITE_UINT32(s->b+12, f3);
ctx->h0 = 0; ctx->h0 = 0;
ctx->h1 = 0; ctx->h1 = 0;
...@@ -71,9 +71,9 @@ struct poly1305_ctx { ...@@ -71,9 +71,9 @@ struct poly1305_ctx {
/* Low-level internal interface. */ /* Low-level internal interface. */
void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[POLY1305_KEY_SIZE]); void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[POLY1305_KEY_SIZE]);
/* Extracts digest, and adds it to s, the encrypted nonce. */ /* Extracts digest, and adds it to s, the encrypted nonce. */
void poly1305_digest (struct poly1305_ctx *ctx, uint8_t *s); void poly1305_digest (struct poly1305_ctx *ctx, union nettle_block16 *s);
/* Internal function. Process one block. */ /* Internal function. Process one block. */
void _poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[POLY1305_BLOCK_SIZE], void _poly1305_block (struct poly1305_ctx *ctx, const uint8_t *m,
unsigned high); unsigned high);
/* poly1305-aes */ /* poly1305-aes */
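Review bot: Changing `_poly1305_block`'s parameter from `const uint8_t m[POLY1305_BLOCK_SIZE]` to `const uint8_t *m` removes the only statement of how many bytes the function reads; the array form never bounded anything, but it was documentation, and the header comment should now carry it. I would extend the comment above the prototype to `/* Internal function. Process one block; m points to exactly POLY1305_BLOCK_SIZE bytes. high is 1 for a full block and 0 for the padded final block (see the callers in poly1305-aes.c). */`. As a point of style, the prototype names the last parameter `high` while the definition in poly1305-internal.c names it `t4`; aligning the two would make the header self-explanatory.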