Commit 5938db8f authored by Niels Möller's avatar Niels Möller

Minor reorg of umac l3 hashing.

parent 34aef19b
2013-04-11 Niels Möller <nisse@lysator.liu.se>
* umac-set-key.c (_umac_set_key): Drop byteswapping of l3_key2, it
can be xored directly to the pad in native byteorder.
* umac-l3.c (_umac_l3): Drop key_2 argument, let caller do that
xor. Updated all callers.
* umac32.c (umac32_digest): Adapt to l3 changes.
* umac64.c (umac64_digest): Likewise.
* umac96.c (umac96_digest): Likewise.
* umac128.c (umac128_digest): Likewise.
Initial implementation of umac.
* umac.h: New file.
* umac-nh.c: New file.
......
......@@ -74,11 +74,11 @@ umac_l3_word (const uint64_t *k, uint64_t w)
}
uint32_t
_umac_l3 (const uint64_t *key_1, uint32_t key_2, const uint64_t *m)
_umac_l3 (const uint64_t *key, const uint64_t *m)
{
uint32_t y = (umac_l3_word (key_1, m[0])
+ umac_l3_word (key_1 + 4, m[1])) % P;
y ^= key_2;
uint32_t y = (umac_l3_word (key, m[0])
+ umac_l3_word (key + 4, m[1])) % P;
#if !WORDS_BIGENDIAN
y = ((ROTL32(8, y) & 0x00FF00FFUL)
| (ROTL32(24, y) & 0xFF00FF00UL));
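Review bot: With `key_2` gone, `_umac_l3` carries an unstated byte-order contract: on little-endian builds the `#if !WORDS_BIGENDIAN` block byteswaps `y`, so the returned word appears to be laid out for copying straight into the tag, and callers must now xor the un-swapped `l3_key2` word themselves. Nothing at the definition records this. A header comment such as `/* Returns the L3 hash in big-endian memory order; the caller xors in l3_key2 (raw KDF output, not byteswapped). */` would do, and the same text fits the prototype in the header hunk. Separately, `% P` reduces a secret-dependent sum; if that sum is 64 bits wide, it is worth confirming that the reduction compiles to constant-time code on 32-bit targets. The function body continues past the end of this hunk, so the return path is not visible here.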
......
......@@ -90,8 +90,8 @@ _umac_set_key (uint32_t *l1_key, uint32_t *l2_key,
umac_kdf (aes, 3, size * sizeof(uint64_t), (uint8_t *) l3_key1);
_umac_l3_init (size, l3_key1);
/* No need to byteswap these subkeys. */
umac_kdf (aes, 4, n * sizeof(uint32_t), (uint8_t *) l3_key2);
BE_SWAP32_N (n, l3_key2);
umac_kdf (aes, 0, UMAC_KEY_SIZE, buffer);
aes_set_encrypt_key (aes, UMAC_KEY_SIZE, buffer);
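Review bot: The new comment `/* No need to byteswap these subkeys. */` says what is skipped but not why, and the reason is an invariant that lives in other files. Suggest `/* No byteswap: l3_key2 is xored into a tag that is memcpy'd out as bytes, and _umac_l3 already returns its value in that byte order. */`. A consequence is that `l3_key2` now holds different numeric values on big- and little-endian hosts, so any code that treats the context as portable data would need checking; none is visible here. `_umac_set_key` starts and ends outside this hunk.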
......
......@@ -221,7 +221,7 @@ void
_umac_l3_init (unsigned size, uint64_t *k);
uint32_t
_umac_l3 (const uint64_t *key_1, uint32_t key_2, const uint64_t *m);
_umac_l3 (const uint64_t *key, const uint64_t *m);
#ifdef __cplusplus
}
......
......@@ -117,7 +117,8 @@ umac128_digest (struct umac128_ctx *ctx,
_umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count, ctx->l1_out);
for (i = 0; i < 4; i++)
tag[i] ^= _umac_l3 (ctx->l3_key1 + 8*i, ctx->l3_key2[i], ctx->l2_state + 2*i);
tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i,
ctx->l2_state + 2*i);
memcpy (digest, tag, length);
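Review bot: The `l3_key2` xor is now repeated at every call site (here and in the `umac32_digest`, `umac64_digest` and `umac96_digest` hunks), so a caller that omits it would still produce a plausible-looking tag that is simply wrong. A one-line comment above the loop, e.g. `/* l3_key2 is xored here because _umac_l3 no longer takes it. */`, or a small `static inline` wrapper in the internal header, would keep the four sites in step. Test vectors for each tag length, run on both big- and little-endian hosts, are the check that would catch a slip. `umac128_digest` starts and ends outside this hunk.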
......
......@@ -122,7 +122,7 @@ umac32_digest (struct umac32_ctx *ctx,
}
_umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count, ctx->l1_out);
pad ^= _umac_l3 (ctx->l3_key1, ctx->l3_key2[0], ctx->l2_state);
pad ^= ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, ctx->l2_state);
memcpy (digest, &pad, length);
/* Reinitialize */
......
......@@ -125,9 +125,10 @@ umac64_digest (struct umac64_ctx *ctx,
}
_umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count, ctx->l1_out);
tag[0] = pad[0] ^ _umac_l3 (ctx->l3_key1, ctx->l3_key2[0], ctx->l2_state);
tag[1] = pad[1] ^ _umac_l3 (ctx->l3_key1 + 8, ctx->l3_key2[1],
ctx->l2_state + 2);
tag[0] = pad[0] ^ ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1,
ctx->l2_state);
tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _umac_l3 (ctx->l3_key1 + 8,
ctx->l2_state + 2);
memcpy (digest, tag, length);
/* Reinitialize */
......
......@@ -115,7 +115,8 @@ umac96_digest (struct umac96_ctx *ctx,
_umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count, ctx->l1_out);
for (i = 0; i < 3; i++)
tag[i] ^= _umac_l3 (ctx->l3_key1 + 8*i, ctx->l3_key2[i], ctx->l2_state + 2*i);
tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i,
ctx->l2_state + 2*i);
memcpy (digest, tag, length);
......