Commit e1646357 authored by Niels Möller's avatar Niels Möller

Eliminated l1_out from umac context structs, store at end of l2_state instead.

parent 448502d6
2013-04-16 Niels Möller <nisse@lysator.liu.se> 2013-04-16 Niels Möller <nisse@lysator.liu.se>
* umac-l2.c (_umac_l2): Deleted redundant memcpy.
* umac.h (umac32_ctx, umac64_ctx, umac96_ctx, umac128_ctx): Make * umac.h (umac32_ctx, umac64_ctx, umac96_ctx, umac128_ctx): Make
block count an uint64_t. Reorder some elements to put short values block count an uint64_t. Reorder some elements to put short values
together. together.
* umac-l2.c (_umac_l2, _umac_l2_final): Make count argument an uint64_t. * umac-l2.c (_umac_l2, _umac_l2_final): Make count argument an uint64_t.
(_umac_l2): Deleted redundant memcpy.
(_umac_l2, _umac_l2_final): Store input buffer at end of the
poly64/poly128 state. Deleted l1_out from corresponding context
structs, and updated all callers.
* configure.ac: Changed version number to 2.7. * configure.ac: Changed version number to 2.7.
(LIBNETTLE_MINOR): Bumped library version, to 4.6 (LIBNETTLE_MINOR): Bumped library version, to 4.6
......
...@@ -57,8 +57,9 @@ _umac_l2_init (unsigned size, uint32_t *k) ...@@ -57,8 +57,9 @@ _umac_l2_init (unsigned size, uint32_t *k)
void void
_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, _umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
uint64_t count, uint64_t *prev, const uint64_t *m) uint64_t count, const uint64_t *m)
{ {
uint64_t *prev = state + 2*n;
unsigned i; unsigned i;
if (count == 0) if (count == 0)
...@@ -94,8 +95,9 @@ _umac_l2(const uint32_t *key, uint64_t *state, unsigned n, ...@@ -94,8 +95,9 @@ _umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
void void
_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, _umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
uint64_t count, uint64_t *prev) uint64_t count)
{ {
uint64_t *prev = state + 2*n;
unsigned i; unsigned i;
assert (count > 0); assert (count > 0);
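Review bot: `uint64_t *prev = state + 2*n;` in `_umac_l2` and `_umac_l2_final` turns the size of `state` into an unstated precondition: the buffer must now hold 3*n words, and a caller that still passes a 2*n-word array gets accesses through `prev` that land past its end, with nothing for the compiler to diagnose because the parameter is a bare `uint64_t *`. The only place the layout is written down is the struct comment in umac.h; the definitions here and the prototypes in umac.h carry none. I would add above both functions `/* state must hold 3*n uint64_t: 2*n words of poly64/poly128 state, then n words of buffered input. */`. Both bodies continue outside the hunks, so how `prev` is read and written is not visible here.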
......
...@@ -73,11 +73,10 @@ extern "C" { ...@@ -73,11 +73,10 @@ extern "C" {
uint32_t l3_key2[(n)]; \ uint32_t l3_key2[(n)]; \
/* AES cipher for encrypting the nonce */ \ /* AES cipher for encrypting the nonce */ \
struct aes_ctx pdf_key; \ struct aes_ctx pdf_key; \
/* Buffer l1 output for one block. \ /* The l2_state consists of 2*n uint64_t, for poly64 \
FIXME: Make part of l2 state? */ \ and poly128 hashing, followed by n additional \
uint64_t l1_out[(n)]; \ uint64_t used as an input buffer. */ \
/* For both poly64-hashing and poly128 hashing */ \ uint64_t l2_state[3*(n)]; \
uint64_t l2_state[2*(n)]; \
/* Input to the pdf_key, zero-padded and low bits \ /* Input to the pdf_key, zero-padded and low bits \
cleared if appropriate. */ \ cleared if appropriate. */ \
uint8_t nonce[AES_BLOCK_SIZE]; \ uint8_t nonce[AES_BLOCK_SIZE]; \
...@@ -219,11 +218,11 @@ _umac_l2_init (unsigned size, uint32_t *k); ...@@ -219,11 +218,11 @@ _umac_l2_init (unsigned size, uint32_t *k);
void void
_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, _umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
uint64_t count, uint64_t *prev, const uint64_t *m); uint64_t count, const uint64_t *m);
void void
_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, _umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
uint64_t count, uint64_t *prev); uint64_t count);
void void
_umac_l3_init (unsigned size, uint64_t *k); _umac_l3_init (unsigned size, uint64_t *k);
......
...@@ -66,8 +66,7 @@ umac128_set_nonce (struct umac128_ctx *ctx, ...@@ -66,8 +66,7 @@ umac128_set_nonce (struct umac128_ctx *ctx,
__umac128_y[1] += 8*UMAC_BLOCK_SIZE; \ __umac128_y[1] += 8*UMAC_BLOCK_SIZE; \
__umac128_y[2] += 8*UMAC_BLOCK_SIZE; \ __umac128_y[2] += 8*UMAC_BLOCK_SIZE; \
__umac128_y[3] += 8*UMAC_BLOCK_SIZE; \ __umac128_y[3] += 8*UMAC_BLOCK_SIZE; \
_umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, \ _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, __umac128_y); \
ctx->l1_out, __umac128_y); \
} while (0) } while (0)
void void
...@@ -100,8 +99,7 @@ umac128_digest (struct umac128_ctx *ctx, ...@@ -100,8 +99,7 @@ umac128_digest (struct umac128_ctx *ctx,
y[1] += 8 * ctx->index; y[1] += 8 * ctx->index;
y[2] += 8 * ctx->index; y[2] += 8 * ctx->index;
y[3] += 8 * ctx->index; y[3] += 8 * ctx->index;
_umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, y);
ctx->l1_out, y);
} }
assert (ctx->count > 0); assert (ctx->count > 0);
...@@ -110,7 +108,7 @@ umac128_digest (struct umac128_ctx *ctx, ...@@ -110,7 +108,7 @@ umac128_digest (struct umac128_ctx *ctx,
INCREMENT (ctx->nonce_length, ctx->nonce); INCREMENT (ctx->nonce_length, ctx->nonce);
_umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count, ctx->l1_out); _umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count);
for (i = 0; i < 4; i++) for (i = 0; i < 4; i++)
tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i, tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i,
ctx->l2_state + 2*i); ctx->l2_state + 2*i);
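Review bot: The literal `4` in the `_umac_l2` and `_umac_l2_final` calls is no longer only an iteration count; it now also fixes where the buffered block sits inside `ctx->l2_state`, and nothing ties it to the `3*(n)` used when the context struct was declared. A mismatch would silently place `prev` at the wrong offset or past the array. A cheap guard in `umac128_digest` is `assert (sizeof(ctx->l2_state) == 3 * 4 * sizeof(ctx->l2_state[0]));`, and the umac32, umac64 and umac96 call sites (with 1, 2 and 3) have the same coupling. The enclosing functions and macro start outside these hunks.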
......
...@@ -66,8 +66,7 @@ umac32_set_nonce (struct umac32_ctx *ctx, ...@@ -66,8 +66,7 @@ umac32_set_nonce (struct umac32_ctx *ctx,
uint64_t __umac32_y \ uint64_t __umac32_y \
= _umac_nh (ctx->l1_key, UMAC_BLOCK_SIZE, block) \ = _umac_nh (ctx->l1_key, UMAC_BLOCK_SIZE, block) \
+ 8*UMAC_BLOCK_SIZE ; \ + 8*UMAC_BLOCK_SIZE ; \
_umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, \ _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &__umac32_y); \
ctx->l1_out, &__umac32_y); \
} while (0) } while (0)
void void
...@@ -96,8 +95,7 @@ umac32_digest (struct umac32_ctx *ctx, ...@@ -96,8 +95,7 @@ umac32_digest (struct umac32_ctx *ctx,
y = _umac_nh (ctx->l1_key, ctx->index + pad, ctx->block) y = _umac_nh (ctx->l1_key, ctx->index + pad, ctx->block)
+ 8 * ctx->index; + 8 * ctx->index;
_umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &y);
ctx->l1_out, &y);
} }
assert (ctx->count > 0); assert (ctx->count > 0);
if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED)) if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED))
...@@ -122,7 +120,7 @@ umac32_digest (struct umac32_ctx *ctx, ...@@ -122,7 +120,7 @@ umac32_digest (struct umac32_ctx *ctx,
INCREMENT (i, ctx->nonce); INCREMENT (i, ctx->nonce);
} }
_umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count, ctx->l1_out); _umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count);
pad ^= ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, ctx->l2_state); pad ^= ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, ctx->l2_state);
memcpy (digest, &pad, length); memcpy (digest, &pad, length);
......
...@@ -67,8 +67,7 @@ umac64_set_nonce (struct umac64_ctx *ctx, ...@@ -67,8 +67,7 @@ umac64_set_nonce (struct umac64_ctx *ctx,
_umac_nh_n (__umac64_y, 2, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ _umac_nh_n (__umac64_y, 2, ctx->l1_key, UMAC_BLOCK_SIZE, block); \
__umac64_y[0] += 8*UMAC_BLOCK_SIZE; \ __umac64_y[0] += 8*UMAC_BLOCK_SIZE; \
__umac64_y[1] += 8*UMAC_BLOCK_SIZE; \ __umac64_y[1] += 8*UMAC_BLOCK_SIZE; \
_umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, \ _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, __umac64_y); \
ctx->l1_out, __umac64_y); \
} while (0) } while (0)
void void
...@@ -99,8 +98,7 @@ umac64_digest (struct umac64_ctx *ctx, ...@@ -99,8 +98,7 @@ umac64_digest (struct umac64_ctx *ctx,
_umac_nh_n (y, 2, ctx->l1_key, ctx->index + pad, ctx->block); _umac_nh_n (y, 2, ctx->l1_key, ctx->index + pad, ctx->block);
y[0] += 8 * ctx->index; y[0] += 8 * ctx->index;
y[1] += 8 * ctx->index; y[1] += 8 * ctx->index;
_umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, y);
ctx->l1_out, y);
} }
assert (ctx->count > 0); assert (ctx->count > 0);
if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED)) if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED))
...@@ -124,7 +122,7 @@ umac64_digest (struct umac64_ctx *ctx, ...@@ -124,7 +122,7 @@ umac64_digest (struct umac64_ctx *ctx,
INCREMENT (i, ctx->nonce); INCREMENT (i, ctx->nonce);
} }
_umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count, ctx->l1_out); _umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count);
tag[0] = pad[0] ^ ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, tag[0] = pad[0] ^ ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1,
ctx->l2_state); ctx->l2_state);
tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _umac_l3 (ctx->l3_key1 + 8, tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _umac_l3 (ctx->l3_key1 + 8,
......
...@@ -65,8 +65,7 @@ umac96_set_nonce (struct umac96_ctx *ctx, ...@@ -65,8 +65,7 @@ umac96_set_nonce (struct umac96_ctx *ctx,
__umac96_y[0] += 8*UMAC_BLOCK_SIZE; \ __umac96_y[0] += 8*UMAC_BLOCK_SIZE; \
__umac96_y[1] += 8*UMAC_BLOCK_SIZE; \ __umac96_y[1] += 8*UMAC_BLOCK_SIZE; \
__umac96_y[2] += 8*UMAC_BLOCK_SIZE; \ __umac96_y[2] += 8*UMAC_BLOCK_SIZE; \
_umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, \ _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, __umac96_y); \
ctx->l1_out, __umac96_y); \
} while (0) } while (0)
void void
...@@ -98,8 +97,7 @@ umac96_digest (struct umac96_ctx *ctx, ...@@ -98,8 +97,7 @@ umac96_digest (struct umac96_ctx *ctx,
y[0] += 8 * ctx->index; y[0] += 8 * ctx->index;
y[1] += 8 * ctx->index; y[1] += 8 * ctx->index;
y[2] += 8 * ctx->index; y[2] += 8 * ctx->index;
_umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, y);
ctx->l1_out, y);
} }
assert (ctx->count > 0); assert (ctx->count > 0);
...@@ -108,7 +106,7 @@ umac96_digest (struct umac96_ctx *ctx, ...@@ -108,7 +106,7 @@ umac96_digest (struct umac96_ctx *ctx,
INCREMENT (ctx->nonce_length, ctx->nonce); INCREMENT (ctx->nonce_length, ctx->nonce);
_umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count, ctx->l1_out); _umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count);
for (i = 0; i < 3; i++) for (i = 0; i < 3; i++)
tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i, tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i,
ctx->l2_state + 2*i); ctx->l2_state + 2*i);
......