Fix rotation macros to portably support zero rotation count.

diff --git a/ChangeLog b/ChangeLog
index 06ae8ff55bccbbc6b4eda38fd00b527189351cd9..958a85e36229f6ab5d4eb1d5053bbe98899b9196 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2013-05-17  Niels Möller  <nisse@lysator.liu.se>
 
+       * macros.h (ROTL32, ROTL64): Avoid undefined behaviour for zero
+       rotation count. Unfortunately makes CAST128 a bit slower with
+       gcc-4.6.3.
+
        * ecc-j-to-a.c (ecc_j_to_a): Fixed ecc_modp_mul call, to avoid
        invalid overlap of arguments to mpn_mul_n. Problem tracked down by
        Magnus Holmgren.

diff --git a/macros.h b/macros.h
index 38b9e2198152a393ca92907487b0c718bda582f6..5dbe29d31a563be12c7951fbef602aa64024bd41 100644 (file)
--- a/macros.h
+++ b/macros.h
@@ -141,9 +141,11 @@ do {                                               \
                  (dst) += (blocksize),         \
                  (src) += (blocksize)) )
 
-#define ROTL32(n,x) (((x)<<(n)) | ((x)>>(32-(n))))
-
-#define ROTL64(n,x) (((x)<<(n)) | ((x)>>(64-(n))))
+/* The masking of the right shift is needed to allow n == 0 (using
+   just 32 - n and 64 - n results in undefined behaviour). */
+#define ROTL32(n,x) (((x)<<(n)) | ((x)>>((-(n)&31))))
+  
+#define ROTL64(n,x) (((x)<<(n)) | ((x)>>((-(n))&63)))
 
 /* Requires that size > 0 */
 #define INCREMENT(size, ctr)                   \