utils/advmodes, utils/gcm-ref: Make conversions from `int' to `GF' explicit.

This anticipates a Catacomb/Python change which breaks implicit
conversions to `GF'.

diff --git a/utils/advmodes b/utils/advmodes
index 834771c..c4344b3 100755 (executable)
--- a/utils/advmodes
+++ b/utils/advmodes
@@ -34,7 +34,7 @@ def poly(nbits):
   base = C.GF(0).setbit(nbits).setbit(0)
   for k in xrange(1, nbits, 2):
     for cc in combs(range(1, nbits), k):
-      p = base + sum(C.GF(0).setbit(c) for c in cc)
+      p = base + sum((C.GF(0).setbit(c) for c in cc), C.GF(0))
       if p.irreduciblep(): POLYMAP[nbits] = p; return p
   raise ValueError, nbits
 
@@ -242,8 +242,8 @@ def omac_masks(E):
   p = poly(8*blksz)
   z = Z(blksz)
   L = E.encrypt(z)
-  m0 = mul_blk_gf(L, 2, p)
-  m1 = mul_blk_gf(m0, 2, p)
+  m0 = mul_blk_gf(L, C.GF(2), p)
+  m1 = mul_blk_gf(m0, C.GF(2), p)
   return m0, m1
 
 def dump_omac(E):
@@ -586,14 +586,14 @@ def pmac2(E, m):
   blksz = E.__class__.blksz
   p = prim(8*blksz)
   L = E.encrypt(Z(blksz))
-  o = mul_blk_gf(L, 10, p)
+  o = mul_blk_gf(L, C.GF(10), p)
   a = Z(blksz)
   v, tl = blocks(m, blksz)
   for x in v:
     a ^= E.encrypt(x ^ o)
-    o = mul_blk_gf(o, 2, p)
-  if len(tl) == blksz: a ^= tl ^ mul_blk_gf(o, 3, p)
-  else: a ^= pad10star(tl, blksz) ^ mul_blk_gf(o, 5, p)
+    o = mul_blk_gf(o, C.GF(2), p)
+  if len(tl) == blksz: a ^= tl ^ mul_blk_gf(o, C.GF(3), p)
+  else: a ^= pad10star(tl, blksz) ^ mul_blk_gf(o, C.GF(5), p)
   return E.encrypt(a)
 
 def ocb3_masks(E):
@@ -740,18 +740,18 @@ def ocb2enc(E, n, h, m, tsz = None):
   if tsz is None: tsz = blksz
   p = prim(8*blksz)
   L = E.encrypt(n)
-  o = mul_blk_gf(L, 2, p)
+  o = mul_blk_gf(L, C.GF(2), p)
   a = Z(blksz)
   v, tl = blocks(m, blksz)
   y = C.WriteBuffer()
   for x in v:
     a ^= x
     y.put(E.encrypt(x ^ o) ^ o)
-    o = mul_blk_gf(o, 2, p)
+    o = mul_blk_gf(o, C.GF(2), p)
   n = len(tl)
   yfinal = E.encrypt(C.MP(8*n).storeb(blksz) ^ o)
   cfinal = tl ^ yfinal[:n]
-  a ^= (tl + yfinal[n:]) ^ mul_blk_gf(o, 3, p)
+  a ^= (tl + yfinal[n:]) ^ mul_blk_gf(o, C.GF(3), p)
   y.put(cfinal)
   t = E.encrypt(a)
   if h: t ^= pmac2(E, h)
@@ -761,7 +761,7 @@ def ocb2dec(E, n, h, y, t):
   blksz = E.__class__.blksz
   p = prim(8*blksz)
   L = E.encrypt(n)
-  o = mul_blk_gf(L, 2, p)
+  o = mul_blk_gf(L, C.GF(2), p)
   a = Z(blksz)
   v, tl = blocks(y, blksz)
   m = C.WriteBuffer()
@@ -769,11 +769,11 @@ def ocb2dec(E, n, h, y, t):
     u = E.encrypt(x ^ o) ^ o
     y.put(u)
     a ^= u
-    o = mul_blk_gf(o, 2, p)
+    o = mul_blk_gf(o, C.GF(2), p)
   n = len(tl)
   yfinal = E.encrypt(C.MP(8*n).storeb(blksz) ^ o)
   mfinal = tl ^ yfinal[:n]
-  a ^= (mfinal + yfinal[n:]) ^ mul_blk_gf(o, 3, p)
+  a ^= (mfinal + yfinal[n:]) ^ mul_blk_gf(o, C.GF(3), p)
   m.put(mfinal)
   u = E.encrypt(a)
   if h: u ^= pmac2(E, h)

diff --git a/utils/gcm-ref b/utils/gcm-ref
index ccbf432..4a53737 100755 (executable)
--- a/utils/gcm-ref
+++ b/utils/gcm-ref
@@ -54,7 +54,7 @@ def poly(nbits):
   base = C.GF(0).setbit(nbits).setbit(0)
   for k in xrange(1, nbits, 2):
     for cc in combs(range(1, nbits), k):
-      p = base + sum(C.GF(0).setbit(c) for c in cc)
+      p = base + sum((C.GF(0).setbit(c) for c in cc), C.GF(0))
       if p.irreduciblep(): POLYMAP[nbits] = p; return p
   raise ValueError, nbits