comparison src/encauth/gcm/gcm_gf_mult.c @ 192:9cc34777b479 libtomcrypt
propagate from branch 'au.asn.ucc.matt.ltc-orig' (head 9ba8f01f44320e9cb9f19881105ae84f84a43ea9)
to branch 'au.asn.ucc.matt.dropbear.ltc' (head dbf51c569bc34956ad948e4cc87a0eeb2170b768)
author | Matt Johnston <matt@ucc.asn.au> |
date | Sun, 08 May 2005 06:36:47 +0000 |
parents | 1c15b283127b |
children | 39d5d58461d6 |
164:cd1143579f00 | 192:9cc34777b479 |
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
2 * | |
3 * LibTomCrypt is a library that provides various cryptographic | |
4 * algorithms in a highly modular and flexible manner. | |
5 * | |
6 * The library is free for all purposes without any express | |
7 * guarantee it works. | |
8 * | |
9 * Tom St Denis, [email protected], http://libtomcrypt.org | |
10 */ | |
11 | |
12 /** | |
13 @file gcm_gf_mult.c | |
14 GCM implementation, initialize state, by Tom St Denis | |
15 */ | |
16 #include "tomcrypt.h" | |
17 | |
18 #ifdef GCM_MODE | |
19 | |
20 /* right shift */ | |
21 static void gcm_rightshift(unsigned char *a) | |
22 { | |
23 int x; | |
24 for (x = 15; x > 0; x--) { | |
25 a[x] = (a[x]>>1) | ((a[x-1]<<7)&0x80); | |
26 } | |
27 a[0] >>= 1; | |
28 } | |
29 | |
30 /* c = b*a */ | |
31 static const unsigned char mask[] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; | |
32 static const unsigned char poly[] = { 0x00, 0xE1 }; | |
33 | |
34 /** | |
35 GCM GF multiplier (internal use only) | |
36 @param a First value | |
37 @param b Second value | |
38 @param c Destination for a * b | |
39 */ | |
40 void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c) | |
41 { | |
42 unsigned char Z[16], V[16]; | |
43 unsigned x, y, z; | |
44 | |
45 zeromem(Z, 16); | |
46 XMEMCPY(V, a, 16); | |
47 for (x = 0; x < 128; x++) { | |
48 if (b[x>>3] & mask[x&7]) { | |
49 for (y = 0; y < 16; y++) { | |
50 Z[y] ^= V[y]; | |
51 } | |
52 } | |
53 z = V[15] & 0x01; | |
54 gcm_rightshift(V); | |
55 V[0] ^= poly[z]; | |
56 } | |
57 XMEMCPY(c, Z, 16); | |
58 } | |
59 | |
60 /** | |
61 GCM multiply by H | |
62 @param gcm The GCM state which holds the H value | |
63 @param I The value to multiply H by | |
64 */ | |
65 void gcm_mult_h(gcm_state *gcm, unsigned char *I) | |
66 { | |
67 unsigned char T[16]; | |
68 #ifdef GCM_TABLES | |
69 int x, y; | |
70 XMEMCPY(T, &gcm->PC[0][I[0]][0], 16); | |
71 for (x = 1; x < 16; x++) { | |
72 #ifdef LTC_FAST | |
73 for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { | |
74 *((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&gcm->PC[x][I[x]][y])); | |
75 } | |
76 #else | |
77 for (y = 0; y < 16; y++) { | |
78 T[y] ^= gcm->PC[x][I[x]][y]; | |
79 } | |
80 #endif | |
81 } | |
82 #else | |
83 gcm_gf_mult(gcm->H, I, T); | |
84 #endif | |
85 XMEMCPY(I, T, 16); | |
86 } | |
87 | |
88 | |
89 #endif |
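Review bot: In gcm_mult_h the LTC_FAST path (`*((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&gcm->PC[x][I[x]][y]))`) reinterprets the `unsigned char T[16]` stack array and the PC table bytes through a wider type, which is a strict-aliasing violation and, on targets that fault on misaligned loads, a crash risk, since nothing in this file guarantees T is aligned for LTC_FAST_TYPE; declaring T as a union of the byte array and `LTC_FAST_TYPE` words (and having the table rows carry the same alignment, presumably where PC is defined) or going through memcpy would make the access well-defined. Separately, neither multiply path is constant-time: `if (b[x>>3] & mask[x&7])` in gcm_gf_mult branches on every bit of the GHASH accumulator, and `gcm->PC[x][I[x]]` in the tables path indexes a lookup table by accumulator bytes, so the running tag state is exposed to timing and cache side channels on shared hardware; a comment such as `/* not constant-time: branches and table index depend on the GHASH accumulator; see gcm_mult_h callers before using on shared hosts */` should be placed above gcm_gf_mult so the limitation is not lost. The `@file` header (`GCM implementation, initialize state`) also describes gcm_init rather than this file and should read `GCM GF(2^128) multiplication by H`.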