2013-04-16 Niels Möller <nisse@lysator.liu.se>
- * umac-l2.c (_umac_l2): Deleted redundant memcpy.
-
* umac.h (umac32_ctx, umac64_ctx, umac96_ctx, umac128_ctx): Make
block count an uint64_t. Reorder some elements to put short values
together.
* umac-l2.c (_umac_l2, _umac_l2_final): Make count argument an uint64_t.
+ (_umac_l2): Deleted redundant memcpy.
+ (_umac_l2, _umac_l2_final): Store input buffer at end of the
+ poly64/poly128 state. Deleted l1_out from corresponding context
+ structs, and updated all callers.
* configure.ac: Changed version number to 2.7.
(LIBNETTLE_MINOR): Bumped library version, to 4.6
void
_umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count, uint64_t *prev, const uint64_t *m)
+ uint64_t count, const uint64_t *m)
{
+ uint64_t *prev = state + 2*n;
unsigned i;
if (count == 0)
void
_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count, uint64_t *prev)
+ uint64_t count)
{
+ uint64_t *prev = state + 2*n;
unsigned i;
assert (count > 0);
uint32_t l3_key2[(n)]; \
/* AES cipher for encrypting the nonce */ \
struct aes_ctx pdf_key; \
- /* Buffer l1 output for one block. \
- FIXME: Make part of l2 state? */ \
- uint64_t l1_out[(n)]; \
- /* For both poly64-hashing and poly128 hashing */ \
- uint64_t l2_state[2*(n)]; \
+ /* The l2_state consists of 2*n uint64_t, for poly64 \
+ and poly128 hashing, followed by n additional \
+ uint64_t used as an input buffer. */ \
+ uint64_t l2_state[3*(n)]; \
/* Input to the pdf_key, zero-padded and low bits \
cleared if appropriate. */ \
uint8_t nonce[AES_BLOCK_SIZE]; \
void
_umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count, uint64_t *prev, const uint64_t *m);
+ uint64_t count, const uint64_t *m);
void
_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count, uint64_t *prev);
+ uint64_t count);
void
_umac_l3_init (unsigned size, uint64_t *k);
__umac128_y[1] += 8*UMAC_BLOCK_SIZE; \
__umac128_y[2] += 8*UMAC_BLOCK_SIZE; \
__umac128_y[3] += 8*UMAC_BLOCK_SIZE; \
- _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, \
- ctx->l1_out, __umac128_y); \
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, __umac128_y); \
} while (0)
void
y[1] += 8 * ctx->index;
y[2] += 8 * ctx->index;
y[3] += 8 * ctx->index;
- _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++,
- ctx->l1_out, y);
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, y);
}
assert (ctx->count > 0);
INCREMENT (ctx->nonce_length, ctx->nonce);
- _umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count, ctx->l1_out);
+ _umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count);
for (i = 0; i < 4; i++)
tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i,
ctx->l2_state + 2*i);
uint64_t __umac32_y \
= _umac_nh (ctx->l1_key, UMAC_BLOCK_SIZE, block) \
+ 8*UMAC_BLOCK_SIZE ; \
- _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, \
- ctx->l1_out, &__umac32_y); \
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &__umac32_y); \
} while (0)
void
y = _umac_nh (ctx->l1_key, ctx->index + pad, ctx->block)
+ 8 * ctx->index;
- _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++,
- ctx->l1_out, &y);
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &y);
}
assert (ctx->count > 0);
if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED))
INCREMENT (i, ctx->nonce);
}
- _umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count, ctx->l1_out);
+ _umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count);
pad ^= ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, ctx->l2_state);
memcpy (digest, &pad, length);
_umac_nh_n (__umac64_y, 2, ctx->l1_key, UMAC_BLOCK_SIZE, block); \
__umac64_y[0] += 8*UMAC_BLOCK_SIZE; \
__umac64_y[1] += 8*UMAC_BLOCK_SIZE; \
- _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, \
- ctx->l1_out, __umac64_y); \
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, __umac64_y); \
} while (0)
void
_umac_nh_n (y, 2, ctx->l1_key, ctx->index + pad, ctx->block);
y[0] += 8 * ctx->index;
y[1] += 8 * ctx->index;
- _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++,
- ctx->l1_out, y);
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, y);
}
assert (ctx->count > 0);
if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED))
INCREMENT (i, ctx->nonce);
}
- _umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count, ctx->l1_out);
+ _umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count);
tag[0] = pad[0] ^ ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1,
ctx->l2_state);
tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _umac_l3 (ctx->l3_key1 + 8,
__umac96_y[0] += 8*UMAC_BLOCK_SIZE; \
__umac96_y[1] += 8*UMAC_BLOCK_SIZE; \
__umac96_y[2] += 8*UMAC_BLOCK_SIZE; \
- _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, \
- ctx->l1_out, __umac96_y); \
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, __umac96_y); \
} while (0)
void
y[0] += 8 * ctx->index;
y[1] += 8 * ctx->index;
y[2] += 8 * ctx->index;
- _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++,
- ctx->l1_out, y);
+ _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, y);
}
assert (ctx->count > 0);
INCREMENT (ctx->nonce_length, ctx->nonce);
- _umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count, ctx->l1_out);
+ _umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count);
for (i = 0; i < 3; i++)
tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i,
ctx->l2_state + 2*i);
projects / thirdparty / nettle.git / commitdiff
