Commit b87ec212 authored by Niels Möller's avatar Niels Möller

Rearrange cmac's block_mulx, make it closer to xts_shift.

* xts.c (xts_shift): Arrange with a single write to u64[1].
* cmac.c (block_mulx): Rewrite to work in the same way as
xts_shift, with 64-bit operations. XTS and CMAC use opposite
endianness, but otherwise, these two functions are identical.
parent 0beec6b2
2019-03-27 Niels Möller <nisse@lysator.liu.se>
* xts.c (xts_shift): Arrange with a single write to u64[1].
* cmac.c (block_mulx): Rewrite to work in the same way as
xts_shift, with 64-bit operations. XTS and CMAC use opposite
endianness, but otherwise, these two functions are identical.
2019-03-24 Niels Möller <nisse@lysator.liu.se> 2019-03-24 Niels Möller <nisse@lysator.liu.se>
From Simo Sorce: From Simo Sorce:
......
...@@ -47,22 +47,27 @@ ...@@ -47,22 +47,27 @@
#include "macros.h" #include "macros.h"
/* shift one and XOR with 0x87. */ /* shift one and XOR with 0x87. */
#if WORDS_BIGENDIAN
static void static void
block_mulx(union nettle_block16 *dst, block_mulx(union nettle_block16 *dst,
const union nettle_block16 *src) const union nettle_block16 *src)
{ {
uint64_t b1 = READ_UINT64(src->b); uint64_t carry = src->u64[0] >> 63;
uint64_t b2 = READ_UINT64(src->b+8); dst->u64[0] = (src->u64[0] << 1) | (src->u64[1] >> 63);
dst->u64[1] = (src->u64[1] << 1) ^ (0x87 & -carry);
b1 = (b1 << 1) | (b2 >> 63); }
b2 <<= 1; #else /* !WORDS_BIGENDIAN */
#define LE_SHIFT(x) ((((x) & 0x7f7f7f7f7f7f7f7f) << 1) | \
if (src->b[0] & 0x80) (((x) & 0x8080808080808080) >> 15))
b2 ^= 0x87; static void
block_mulx(union nettle_block16 *dst,
WRITE_UINT64(dst->b, b1); const union nettle_block16 *src)
WRITE_UINT64(dst->b+8, b2); {
uint64_t carry = (src->u64[0] & 0x80) >> 7;
dst->u64[0] = LE_SHIFT(src->u64[0]) | ((src->u64[1] & 0x80) << 49);
dst->u64[1] = LE_SHIFT(src->u64[1]) ^ (0x8700000000000000 & -carry);
} }
#endif /* !WORDS_BIGENDIAN */
void void
cmac128_set_key(struct cmac128_ctx *ctx, const void *cipher, cmac128_set_key(struct cmac128_ctx *ctx, const void *cipher,
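Review bot: The comment above block_mulx still reads `/* shift one and XOR with 0x87. */` and does not record the property this rewrite introduces: both variants now apply the reduction through the mask `-carry` instead of the old `if (src->b[0] & 0x80)` branch, so nothing branches on the top bit of src. That input is presumably key-derived (CMAC subkeys are computed this way, and cmac128_set_key follows, though its body is outside the hunk), so the branch-free form is worth protecting from a later "simplification". I would extend the comment to something like `/* Multiply by x in GF(2^128), big-endian block. carry is 0 or 1, so -carry is an all-zero or all-one mask and the 0x87 reduction needs no data-dependent branch. */`. Separately, `LE_SHIFT` stays defined for the rest of cmac.c; an `#undef LE_SHIFT` after the little-endian block_mulx would keep it local.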
......
...@@ -57,8 +57,7 @@ xts_shift(union nettle_block16 *dst, ...@@ -57,8 +57,7 @@ xts_shift(union nettle_block16 *dst,
{ {
uint64_t carry = (src->u64[1] & 0x80) >> 7; uint64_t carry = (src->u64[1] & 0x80) >> 7;
dst->u64[1] = BE_SHIFT(src->u64[1]) | ((src->u64[0] & 0x80) << 49); dst->u64[1] = BE_SHIFT(src->u64[1]) | ((src->u64[0] & 0x80) << 49);
dst->u64[0] = BE_SHIFT(src->u64[0]); dst->u64[0] = BE_SHIFT(src->u64[0]) ^ (0x8700000000000000 & -carry);
dst->u64[0] ^= 0x8700000000000000 & -carry;
} }
#else /* !WORDS_BIGENDIAN */ #else /* !WORDS_BIGENDIAN */
static void static void
...@@ -67,8 +66,7 @@ xts_shift(union nettle_block16 *dst, ...@@ -67,8 +66,7 @@ xts_shift(union nettle_block16 *dst,
{ {
uint64_t carry = src->u64[1] >> 63; uint64_t carry = src->u64[1] >> 63;
dst->u64[1] = (src->u64[1] << 1) | (src->u64[0] >> 63); dst->u64[1] = (src->u64[1] << 1) | (src->u64[0] >> 63);
dst->u64[0] = src->u64[0] << 1; dst->u64[0] = (src->u64[0] << 1) ^ (0x87 & -carry);
dst->u64[0] ^= 0x87 & -carry;
} }
#endif /* !WORDS_BIGNDIAN */ #endif /* !WORDS_BIGNDIAN */
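Review bot: With each half of dst now stored exactly once, xts_shift is only correct for dst == src because of statement order: carry is taken from src->u64[1] before dst->u64[1] is stored, and dst->u64[0] is stored last. If callers advance the tweak in place (they are not visible in these hunks), a later reordering would silently produce wrong tweaks, so I would add `/* dst may alias src: u64[1] is consumed before it is stored, u64[0] is stored last. */` above both variants. The same ordering argument, with the halves swapped, applies to the two block_mulx variants in cmac.c. Both xts_shift signatures start outside their hunks, and the closing comment `/* !WORDS_BIGNDIAN */` misspells the macro name.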
......