From: Niels Möller <nisse@lysator.liu.se>
Date: Mon, 20 Jun 2011 13:54:21 +0000 (+0200)
Subject: (SBOX0_INVERSE): Eliminated temporaries.
X-Git-Tag: nettle_2.2_release_20110711~48
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aecde8cd6f61b81e2ba64a0fac24ce3933b8e851;p=thirdparty%2Fnettle.git

(SBOX0_INVERSE): Eliminated temporaries.

Rev: nettle/serpent-decrypt.c:1.4
---

diff --git a/serpent-decrypt.c b/serpent-decrypt.c
index 1a6fbb47..2256fa84 100644
--- a/serpent-decrypt.c
+++ b/serpent-decrypt.c
@@ -66,33 +66,49 @@
    (GPL), although some comments in the code still say otherwise. You
    are welcome to use Serpent for any application."  */
 
-/* FIXME: Except when used within the key schedule, the inputs are not
-   used after the substitution, and hence we could allow them to be
-   destroyed. Can this freedom be used to optimize the sboxes? */
-
+/* Original single-assignment form:
+
+     t01 = x2  ^ x3;
+     t02 = x0  | x1;
+     t03 = x1  | x2;
+     t04 = x2  & t01;
+     t05 = t02 ^ t01;
+     t06 = x0  | t04;
+     y2  =     ~ t05;
+     t08 = x1  ^ x3;
+     t09 = t03 & t08;
+     t10 = x3  | y2;
+     y1  = t09 ^ t06;
+     t12 = x0  | t05;
+     t13 = y1  ^ t12;
+     t14 = t03 ^ t10;
+     t15 = x0  ^ x2;
+     y3  = t14 ^ t13;
+     t17 = t05 & t13;
+     t18 = t14 | t17;
+     y0  = t15 ^ t18;
+*/
 #define SBOX0_INVERSE(type, x0, x1, x2, x3, y0, y1, y2, y3)	\
-  do { \
-    type t02, t03, t04, t05, t06, t08, t09, t10;	\
-    type t12, t13, t14, t15, t17, t18, t01; \
-    t01 = x2  ^ x3; \
-    t02 = x0  | x1; \
-    t03 = x1  | x2; \
-    t04 = x2  & t01; \
-    t05 = t02 ^ t01; \
-    t06 = x0  | t04; \
-    y2  =     ~ t05; \
-    t08 = x1  ^ x3; \
-    t09 = t03 & t08; \
-    t10 = x3  | y2; \
-    y1  = t09 ^ t06; \
-    t12 = x0  | t05; \
-    t13 = y1  ^ t12; \
-    t14 = t03 ^ t10; \
-    t15 = x0  ^ x2; \
-    y3  = t14 ^ t13; \
-    t17 = t05 & t13; \
-    t18 = t14 | t17; \
-    y0  = t15 ^ t18; \
+  do {								\
+    y0  = x0 ^ x2;						\
+    y2  = x0 | x1;						\
+    y1  = x2 ^ x3;						\
+    y2 ^= y1;							\
+    y1 &= x2;							\
+    x2 |= x1;							\
+    x1 ^= x3;							\
+    y1 |= x0;							\
+    x1 &= x2;							\
+    y1 ^= x1;							\
+    x0 |= y2;							\
+    x0 ^= y1;							\
+    x1  = y2 & x0;						\
+    y2  = ~ y2;							\
+    x3 |= y2;							\
+    x3 ^= x2;							\
+    y3  = x3 ^ x0;						\
+    x1 |= x3;							\
+    y0 ^= x1;							\
   } while (0)
 
 #define SBOX1_INVERSE(type, x0, x1, x2, x3, y0, y1, y2, y3) \