From: Niels Möller
Date: Sat, 31 Mar 2012 19:34:44 +0000 (+0200)
Subject: Use ROTL32 in the cast128 code.
X-Git-Tag: nettle_2.5_release_20120707~65
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a7bd5fa7554ec4b474c92a26339de2e87cac13e9;p=thirdparty%2Fnettle.git
Use ROTL32 in the cast128 code.
---
diff --git a/ChangeLog b/ChangeLog
index 0eaa6718..36191aec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,9 @@
 (ROL128): ... old name.
 * camellia-crypt-internal.c: Updated for renamed rotation macros.
 * camellia-set-encrypt-key.c: Likewise.
+ * cast128.c (ROL): Deleted macro.
+ (F1, F2, F3): Updated to use ROTL32 (reversed order of arguments).
+ Also added proper do { ... } while (0) wrappers.
 2012-03-30 Niels Möller
diff --git a/cast128.c b/cast128.c
index 81c00b24..4345b74d 100644
--- a/cast128.c
+++ b/cast128.c
@@ -50,22 +50,22 @@
 #define U8c(x) ( (uint8_t) ((x>>8)&0xff) )
 #define U8d(x) ( (uint8_t) ((x)&0xff) )
-/* Circular left shift */
-#define ROL(x, n) ( ((x)<<(n)) | ((x)>>(32-(n))) )
-
 /* CAST-128 uses three different round functions */
-#define F1(l, r, i) \
- t = ROL(ctx->keys[i] + r, ctx->keys[i+16]); \
- l ^= ((cast_sbox1[U8a(t)] ^ cast_sbox2[U8b(t)]) \
- - cast_sbox3[U8c(t)]) + cast_sbox4[U8d(t)];
-#define F2(l, r, i) \
- t = ROL(ctx->keys[i] ^ r, ctx->keys[i+16]); \
- l ^= ((cast_sbox1[U8a(t)] - cast_sbox2[U8b(t)]) \
- + cast_sbox3[U8c(t)]) ^ cast_sbox4[U8d(t)];
-#define F3(l, r, i) \
- t = ROL(ctx->keys[i] - r, ctx->keys[i+16]); \
- l ^= ((cast_sbox1[U8a(t)] + cast_sbox2[U8b(t)]) \
- ^ cast_sbox3[U8c(t)]) - cast_sbox4[U8d(t)];
+#define F1(l, r, i) do { \
+ t = ROTL32(ctx->keys[i+16], ctx->keys[i] + r); \
+ l ^= ((cast_sbox1[U8a(t)] ^ cast_sbox2[U8b(t)]) \
+ - cast_sbox3[U8c(t)]) + cast_sbox4[U8d(t)]; \
+ } while (0)
+#define F2(l, r, i) do { \
+ t = ROTL32( ctx->keys[i+16], ctx->keys[i] ^ r); \
+ l ^= ((cast_sbox1[U8a(t)] - cast_sbox2[U8b(t)]) \
+ + cast_sbox3[U8c(t)]) ^ cast_sbox4[U8d(t)]; \
+ } while (0)
+#define F3(l, r, i) do { \
+ t = ROTL32(ctx->keys[i+16], ctx->keys[i] - r); \
+ l ^= ((cast_sbox1[U8a(t)] + cast_sbox2[U8b(t)]) \
+ ^ cast_sbox3[U8c(t)]) - cast_sbox4[U8d(t)]; \
+ } while (0)
 /***** Encryption Function *****/
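Review bot: The rotation count passed as the first argument of `ROTL32(ctx->keys[i+16], ...)` in F1, F2 and F3 comes straight from the key schedule, and nothing in this hunk shows that it is confined to 0..31 or that ROTL32 is well defined for a count of 0. ROTL32 is defined outside this diff; if it has the same two-shift form as the deleted `ROL`, a count of 0 shifts a 32-bit value right by 32, which is undefined behaviour in C, and CAST-128 rotation subkeys can be 0. I would confirm that the macro uses a form such as `((x) << (n)) | ((x) >> ((-(n)) & 31))`, or that key setup guarantees the range. I would also record the contract above the round macros: `/* ROTL32(n, x) takes the count first; keys[i+16] must be in 0..31 */`. The same comment should note that the macros still depend on `t` and `ctx` from the calling scope and expand `i` twice.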