Merge branch 'block16-refactor' into master-updates

7aa7ae63 · Niels Möller · 41b6e728 · e3cfe987 · 7aa7ae63 · 7aa7ae63
Commit 7aa7ae63 authored Aug 23, 2019 by Niels Möller
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 71 deletions

ChangeLog ChangeLog +6 -0

eax.c eax.c +2 -6

gcm.c gcm.c +16 -64

nettle-types.h nettle-types.h +1 -1

No files found.
--- a/ChangeLog
+++ b/ChangeLog
+2019-07-08  Niels Möller  <nisse@lysator.liu.se>
+
+	* nettle-types.h (union nettle_block16): Mark w member as deprecated.
+	* eax.c (block16_xor): Use uint64_t member of nettle_block16.
+	* gcm.c (gcm_gf_add, gcm_gf_shift, gcm_gf_shift_8): Likewise.
+
 2019-07-10  Niels Möller  <nisse@lysator.liu.se>

 	From Dmitry Eremin-Solenikov:

--- a/eax.c
+++ b/eax.c
@@ -54,12 +54,8 @@ omac_init (union nettle_block16 *state, unsigned t)
 static void
 block16_xor (union nettle_block16 *dst, const union nettle_block16 *src)
 {
-  dst->w[0] ^= src->w[0];
-  dst->w[1] ^= src->w[1];
-#if SIZEOF_LONG == 4
-  dst->w[2] ^= src->w[2];
-  dst->w[3] ^= src->w[3];
-#endif
+  dst->u64[0] ^= src->u64[0];
+  dst->u64[1] ^= src->u64[1];
 }

 static void

--- a/gcm.c
+++ b/gcm.c
@@ -60,12 +60,8 @@ static void
 gcm_gf_add (union nettle_block16 *r,
 	    const union nettle_block16 *x, const union nettle_block16 *y)
 {
-  r->w[0] = x->w[0] ^ y->w[0];
-  r->w[1] = x->w[1] ^ y->w[1];
-#if SIZEOF_LONG == 4
-  r->w[2] = x->w[2] ^ y->w[2];
-  r->w[3] = x->w[3] ^ y->w[3];
-#endif      
+  r->u64[0] = x->u64[0] ^ y->u64[0];
+  r->u64[1] = x->u64[1] ^ y->u64[1];
 }
 /* Multiplication by 010...0; a big-endian shift right. If the bit
   shifted out is one, the defining polynomial is added to cancel it
@@ -73,43 +69,20 @@ gcm_gf_add (union nettle_block16 *r,
 static void
 gcm_gf_shift (union nettle_block16 *r, const union nettle_block16 *x)
 {
-  long mask;
+  uint64_t mask;

  /* Shift uses big-endian representation. */
 #if WORDS_BIGENDIAN
-# if SIZEOF_LONG == 4
-  mask = - (x->w[3] & 1);
-  r->w[3] = (x->w[3] >> 1) | ((x->w[2] & 1) << 31);
-  r->w[2] = (x->w[2] >> 1) | ((x->w[1] & 1) << 31);
-  r->w[1] = (x->w[1] >> 1) | ((x->w[0] & 1) << 31);
-  r->w[0] = (x->w[0] >> 1) ^ (mask & (GHASH_POLYNOMIAL << 24)); 
-# elif SIZEOF_LONG == 8
-  mask = - (x->w[1] & 1);
-  r->w[1] = (x->w[1] >> 1) | ((x->w[0] & 1) << 63);
-  r->w[0] = (x->w[0] >> 1) ^ (mask & (GHASH_POLYNOMIAL << 56));
-# else
-#  error Unsupported word size. */
-#endif
+  mask = - (x->u64[1] & 1);
+  r->u64[1] = (x->u64[1] >> 1) | ((x->u64[0] & 1) << 63);
+  r->u64[0] = (x->u64[0] >> 1) ^ (mask & ((uint64_t) GHASH_POLYNOMIAL << 56));
 #else /* ! WORDS_BIGENDIAN */
-# if SIZEOF_LONG == 4
-#define RSHIFT_WORD(x) \
-  ((((x) & 0xfefefefeUL) >> 1) \
-   | (((x) & 0x00010101) << 15))
-  mask = - ((x->w[3] >> 24) & 1);
-  r->w[3] = RSHIFT_WORD(x->w[3]) | ((x->w[2] >> 17) & 0x80);
-  r->w[2] = RSHIFT_WORD(x->w[2]) | ((x->w[1] >> 17) & 0x80);
-  r->w[1] = RSHIFT_WORD(x->w[1]) | ((x->w[0] >> 17) & 0x80);
-  r->w[0] = RSHIFT_WORD(x->w[0]) ^ (mask & GHASH_POLYNOMIAL);
-# elif SIZEOF_LONG == 8
 #define RSHIFT_WORD(x) \
  ((((x) & 0xfefefefefefefefeUL) >> 1) \
   | (((x) & 0x0001010101010101UL) << 15))
-  mask = - ((x->w[1] >> 56) & 1);
-  r->w[1] = RSHIFT_WORD(x->w[1]) | ((x->w[0] >> 49) & 0x80);
-  r->w[0] = RSHIFT_WORD(x->w[0]) ^ (mask & GHASH_POLYNOMIAL);
-# else
-#  error Unsupported word size. */
-# endif
+  mask = - ((x->u64[1] >> 56) & 1);
+  r->u64[1] = RSHIFT_WORD(x->u64[1]) | ((x->u64[0] >> 49) & 0x80);
+  r->u64[0] = RSHIFT_WORD(x->u64[0]) ^ (mask & GHASH_POLYNOMIAL);
 # undef RSHIFT_WORD
 #endif /* ! WORDS_BIGENDIAN */
 }
@@ -268,38 +241,17 @@ shift_table[0x100] = {
 static void
 gcm_gf_shift_8(union nettle_block16 *x)
 {
-  unsigned long *w = x->w;
-  unsigned long reduce;
+  uint64_t reduce;

  /* Shift uses big-endian representation. */
 #if WORDS_BIGENDIAN
-# if SIZEOF_LONG == 4
-  reduce = shift_table[w[3] & 0xff];
-  w[3] = (w[3] >> 8) | ((w[2] & 0xff) << 24);
-  w[2] = (w[2] >> 8) | ((w[1] & 0xff) << 24);
-  w[1] = (w[1] >> 8) | ((w[0] & 0xff) << 24);
-  w[0] = (w[0] >> 8) ^ (reduce << 16);
-# elif SIZEOF_LONG == 8
-  reduce = shift_table[w[1] & 0xff];
-  w[1] = (w[1] >> 8) | ((w[0] & 0xff) << 56);
-  w[0] = (w[0] >> 8) ^ (reduce << 48);
-# else
-#  error Unsupported word size. */
-#endif
+  reduce = shift_table[x->u64[1] & 0xff];
+  x->u64[1] = (x->u64[1] >> 8) | ((x->u64[0] & 0xff) << 56);
+  x->u64[0] = (x->u64[0] >> 8) ^ (reduce << 48);
 #else /* ! WORDS_BIGENDIAN */
-# if SIZEOF_LONG == 4
-  reduce = shift_table[(w[3] >> 24) & 0xff];
-  w[3] = (w[3] << 8) | (w[2] >> 24);
-  w[2] = (w[2] << 8) | (w[1] >> 24);
-  w[1] = (w[1] << 8) | (w[0] >> 24);
-  w[0] = (w[0] << 8) ^ reduce;
-# elif SIZEOF_LONG == 8
-  reduce = shift_table[(w[1] >> 56) & 0xff];
-  w[1] = (w[1] << 8) | (w[0] >> 56);
-  w[0] = (w[0] << 8) ^ reduce;
-# else
-#  error Unsupported word size. */
-# endif
+  reduce = shift_table[(x->u64[1] >> 56) & 0xff];
+  x->u64[1] = (x->u64[1] << 8) | (x->u64[0] >> 56);
+  x->u64[0] = (x->u64[0] << 8) ^ reduce;
 #endif /* ! WORDS_BIGENDIAN */
 }


--- a/nettle-types.h
+++ b/nettle-types.h
@@ -61,7 +61,7 @@ extern "C" {
 union nettle_block16
 {
  uint8_t b[16];
-  unsigned long w[16 / sizeof(unsigned long)];
+  unsigned long w[16 / sizeof(unsigned long)] _NETTLE_ATTRIBUTE_DEPRECATED;
  uint64_t u64[2];
 };