utils/gcm-ref (present_gf_pmull): Round width up to a multiple of 64 bits.
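--- a/utils/gcm-ref
+++ b/utils/gcm-ref
@@ -54,7 +54,7 @@ def poly(nbits):
 base = C.GF(0).setbit(nbits).setbit(0)
 for k in xrange(1, nbits, 2):
 for cc in combs(range(1, nbits), k):
-p = base + sum(C.GF(0).setbit(c) for c in cc)
+p = base + sum((C.GF(0).setbit(c) for c in cc), C.GF(0))
 if p.irreduciblep(): POLYMAP[nbits] = p; return p
 raise ValueError, nbits
@@ -172,7 +172,7 @@ def demo_table_b(u, v):
 @demo
 def demo_table_l(u, v):
 """Little-endian table lookup."""
-return table_common(u, v, endswap_words, lambda b: b.getu32l(), 0x18)
+return table_common(u, v, endswap_words_32, lambda b: b.getu32l(), 0x18)
 ###--------------------------------------------------------------------------
 ### Implementation using 64×64->128-bit binary polynomial multiplication.
@@ -258,6 +258,7 @@ def present_gf_pmull(tag, wd, x, w, n, what):
 if tag == TAG_PRODPIECE or tag == TAG_REDCFULL or tag == TAG_SHIFTED:
 return
 elif tag == TAG_INPUT_V or tag == TAG_KPIECE_V:
+w = (w + 63)&~63
 bx = C.ReadBuffer(x.storeb(w/8))
 by = C.WriteBuffer()
 while bx.left: chunk = bx.get(8); by.put(chunk).put(chunk)
@@ -281,7 +282,7 @@ def poly64_mul_simple(u, v, presfn, wd, dispwd, mulwd, uwhat, vwhat):
 ## straightforward except for the 96-bit case, where we end up with two
 ## short pieces which we pad at the beginning.
 if uw%mulwd: pad = (-uw)%mulwd; u += C.ByteString.zero(pad); uw += pad
-if vw%mulwd: pad = (-uw)%mulwd; v += C.ByteString.zero(pad); vw += pad
+if vw%mulwd: pad = (-vw)%mulwd; v += C.ByteString.zero(pad); vw += pad
 uu = split_gf(u, mulwd)
 vv = split_gf(v, mulwd)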
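Review bot: The new `w = (w + 63)&~63` in present_gf_pmull rebinds the width with no comment saying why it is rounded to whole 64-bit words; the lines just below call `x.storeb(w/8)` and copy the result in 8-byte chunks, so the rounding presumably exists so that the byte buffer divides into whole chunks rather than leaving a short final `bx.get(8)`. I would add `## Round up to whole 64-bit words: the loop below copies whole 8-byte chunks.` above it and write the line as `w = (w + 63) & ~63` with spaces around the operator, matching the rest of the file. The commit title names only this change, while the section also corrects the `uw`→`vw` typo in the v-padding line of poly64_mul_simple and the `sum()` start value in poly, so the commit message should mention those fixes too. present_gf_pmull's body continues outside the hunk.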