[git] GCRYPT - branch, master, updated. libgcrypt-1.8.1-151-gafab94d
by Jussi Kivilinna
cvs at cvs.gnupg.org
Sun Jan 27 12:05:30 CET 2019
- Log -----------------------------------------------------------------
commit afab94d222425ecb838eb56cb0723bdaf3e5de36
Author: Jussi Kivilinna <jussi.kivilinna at iki.fi>
Date: Sun Jan 27 12:55:22 2019 +0200
Do not precalculate OCB offset L0+L1+L0
* cipher/cipher-internal.h (gcry_cipher_handle): Remove OCB L0L1L0.
* cipher/cipher-ocb.c (_gcry_cipher_ocb_setkey): Ditto.
* cipher/rijndael-aesni.c (aesni_ocb_enc, aesni_ocb_dec)
(_gcry_aes_aesni_ocb_auth): Replace L0L1L0 use with L1.
--
Patch fixes L0+L1+L0 thinko. This is same as L1 (L0 xor L1 xor L0).
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h
index 79de140..5ece774 100644
--- a/cipher/cipher-internal.h
+++ b/cipher/cipher-internal.h
@@ -322,7 +322,6 @@ struct gcry_cipher_handle
unsigned char L_star[OCB_BLOCK_LEN];
unsigned char L_dollar[OCB_BLOCK_LEN];
unsigned char L0L1[OCB_BLOCK_LEN];
- unsigned char L0L1L0[OCB_BLOCK_LEN];
unsigned char L[OCB_L_TABLE_SIZE][OCB_BLOCK_LEN];
/* --- Following members are cleared in gcry_cipher_reset --- */
diff --git a/cipher/cipher-ocb.c b/cipher/cipher-ocb.c
index be6b8df..308b049 100644
--- a/cipher/cipher-ocb.c
+++ b/cipher/cipher-ocb.c
@@ -141,11 +141,9 @@ void _gcry_cipher_ocb_setkey (gcry_cipher_hd_t c)
double_block_cpy (c->u_mode.ocb.L[0], c->u_mode.ocb.L_dollar);
for (i = 1; i < OCB_L_TABLE_SIZE; i++)
double_block_cpy (c->u_mode.ocb.L[i], c->u_mode.ocb.L[i-1]);
- /* Precalculated offsets L0+L1, L0+L1+L0 */
+ /* Precalculated offset L0+L1 */
cipher_block_xor (c->u_mode.ocb.L0L1,
c->u_mode.ocb.L[0], c->u_mode.ocb.L[1], OCB_BLOCK_LEN);
- cipher_block_xor (c->u_mode.ocb.L0L1L0,
- c->u_mode.ocb.L[0], c->u_mode.ocb.L0L1, OCB_BLOCK_LEN);
/* Cleanup */
wipememory (ktop, sizeof ktop);
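Review bot: The updated comment on the L0L1 precomputation says what is cached but not why the L0+L1+L0 entry was dropped, so a later reader could re-add it; the reasoning from the commit message belongs in the code, e.g. `/* Precalculated offset L0+L1.  (L0+L1+L0 collapses to L1, so it needs no entry.) */`. L0L1 sits with the L table above the "cleared in gcry_cipher_reset" marker in the handle (see the cipher-internal.h hunk), so it apparently survives a reset and is only refreshed here; noting that dependency next to the xor would help whoever next touches the L table. _gcry_cipher_ocb_setkey starts before this hunk.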
diff --git a/cipher/rijndael-aesni.c b/cipher/rijndael-aesni.c
index ec9f4d4..9883861 100644
--- a/cipher/rijndael-aesni.c
+++ b/cipher/rijndael-aesni.c
@@ -2429,11 +2429,11 @@ aesni_ocb_enc (gcry_cipher_hd_t c, void *outbuf_arg,
l = aes_ocb_get_l(c, n);
asm volatile ("movdqu %[l0l1], %%xmm10\n\t"
- "movdqu %[l0l1l0], %%xmm11\n\t"
+ "movdqu %[l1], %%xmm11\n\t"
"movdqu %[l3], %%xmm15\n\t"
:
: [l0l1] "m" (*c->u_mode.ocb.L0L1),
- [l0l1l0] "m" (*c->u_mode.ocb.L0L1L0),
+ [l1] "m" (*c->u_mode.ocb.L[1]),
[l3] "m" (*l)
: "memory" );
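Review bot: The rename of the operand to `[l1]` corrects the thinko but leaves the register's role undocumented: xmm11 appears to be the delta from the group's base offset to the fourth block's offset (L0 ^ L1 ^ L0, which is just L1), and nothing in the asm says so. A comment before the load, `/* xmm11 = L1 (= L0 ^ L1 ^ L0): offset delta for the 4th block of each group */`, would keep the next reader from re-introducing a cached L0L1L0; the same applies to the matching loads in the 4-block tail hunk (+2561), in aesni_ocb_dec (+2730, +2862) and in _gcry_aes_aesni_ocb_auth (+3028, +3138). As with the existing `[l0l1]` operand, the `"m"` constraint on `*c->u_mode.ocb.L[1]` names only the first byte of a 16-byte block while movdqu reads all of it; this follows the file's existing practice and relies on the "memory" clobber, so it is consistent rather than new. aesni_ocb_enc starts before and continues after this hunk.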
@@ -2561,13 +2561,13 @@ aesni_ocb_enc (gcry_cipher_hd_t c, void *outbuf_arg,
[l0l1] "m" (*c->u_mode.ocb.L0L1),
[inbuf0] "m" (*(inbuf + 0 * BLOCKSIZE))
: "memory" );
- asm volatile ("movdqu %[l0l1l0], %%xmm4\n\t"
+ asm volatile ("movdqu %[l1], %%xmm4\n\t"
"movdqu %[l3], %%xmm6\n\t"
"pxor %%xmm5, %%xmm0\n\t"
"pxor %%xmm0, %%xmm1\n\t"
"movdqu %%xmm0, %[outbuf0]\n\t"
: [outbuf0] "=m" (*(outbuf + 0 * BLOCKSIZE))
- : [l0l1l0] "m" (*c->u_mode.ocb.L0L1L0),
+ : [l1] "m" (*c->u_mode.ocb.L[1]),
[l3] "m" (*l)
: "memory" );
asm volatile ("movdqu %[inbuf1], %%xmm2\n\t"
@@ -2730,11 +2730,11 @@ aesni_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
l = aes_ocb_get_l(c, n);
asm volatile ("movdqu %[l0l1], %%xmm10\n\t"
- "movdqu %[l0l1l0], %%xmm11\n\t"
+ "movdqu %[l1], %%xmm11\n\t"
"movdqu %[l3], %%xmm15\n\t"
:
: [l0l1] "m" (*c->u_mode.ocb.L0L1),
- [l0l1l0] "m" (*c->u_mode.ocb.L0L1L0),
+ [l1] "m" (*c->u_mode.ocb.L[1]),
[l3] "m" (*l)
: "memory" );
@@ -2862,13 +2862,13 @@ aesni_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
[l0l1] "m" (*c->u_mode.ocb.L0L1),
[inbuf0] "m" (*(inbuf + 0 * BLOCKSIZE))
: "memory" );
- asm volatile ("movdqu %[l0l1l0], %%xmm4\n\t"
+ asm volatile ("movdqu %[l1], %%xmm4\n\t"
"movdqu %[l3], %%xmm6\n\t"
"pxor %%xmm5, %%xmm0\n\t"
"pxor %%xmm0, %%xmm1\n\t"
"movdqu %%xmm0, %[outbuf0]\n\t"
: [outbuf0] "=m" (*(outbuf + 0 * BLOCKSIZE))
- : [l0l1l0] "m" (*c->u_mode.ocb.L0L1L0),
+ : [l1] "m" (*c->u_mode.ocb.L[1]),
[l3] "m" (*l)
: "memory" );
asm volatile ("movdqu %[inbuf1], %%xmm2\n\t"
@@ -3028,11 +3028,11 @@ _gcry_aes_aesni_ocb_auth (gcry_cipher_hd_t c, const void *abuf_arg,
asm volatile ("movdqu %[l0], %%xmm7\n\t"
"movdqu %[l0l1], %%xmm12\n\t"
- "movdqu %[l0l1l0], %%xmm13\n\t"
+ "movdqu %[l1], %%xmm13\n\t"
:
: [l0] "m" (*c->u_mode.ocb.L[0]),
[l0l1] "m" (*c->u_mode.ocb.L0L1),
- [l0l1l0] "m" (*c->u_mode.ocb.L0L1L0)
+ [l1] "m" (*c->u_mode.ocb.L[1])
: "memory" );
for ( ;nblocks >= 8 ; nblocks -= 8 )
@@ -3138,12 +3138,12 @@ _gcry_aes_aesni_ocb_auth (gcry_cipher_hd_t c, const void *abuf_arg,
[l0l1] "m" (*c->u_mode.ocb.L0L1),
[abuf0] "m" (*(abuf + 0 * BLOCKSIZE))
: "memory" );
- asm volatile ("movdqu %[l0l1l0], %%xmm4\n\t"
+ asm volatile ("movdqu %[l1], %%xmm4\n\t"
"movdqu %[l3], %%xmm7\n\t"
"pxor %%xmm5, %%xmm0\n\t"
"pxor %%xmm0, %%xmm1\n\t"
:
- : [l0l1l0] "m" (*c->u_mode.ocb.L0L1L0),
+ : [l1] "m" (*c->u_mode.ocb.L[1]),
[l3] "m" (*l)
: "memory" );
asm volatile ("movdqu %[abuf1], %%xmm2\n\t"
-----------------------------------------------------------------------
Summary of changes:
cipher/cipher-internal.h | 1 -
cipher/cipher-ocb.c | 4 +---
cipher/rijndael-aesni.c | 24 ++++++++++++------------
3 files changed, 13 insertions(+), 16 deletions(-)