Do not precalculate OCB offset L0+L1+L0

* cipher/cipher-internal.h (gcry_cipher_handle): Remove OCB L0L1L0. * cipher/cipher-ocb.c (_gcry_cipher_ocb_setkey): Ditto. * cipher/rijndael-aesni.c (aesni_ocb_enc, aesni_ocb_dec) (_gcry_aes_aesni_ocb_auth): Replace L0L1L0 use with L1. -- Patch fixes L0+L1+L0 thinko. This is same as L1 (L0 xor L1 xor L0). Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
author: Jussi Kivilinna <jussi.kivilinna@iki.fi> 2019-01-27 12:55:22 +0200
committer: Jussi Kivilinna <jussi.kivilinna@iki.fi> 2019-01-27 12:55:22 +0200
commit: afab94d222425ecb838eb56cb0723bdaf3e5de36 (patch)
tree: 3ef0517d57861f44c93b826ecfcad7c7b1bf7048 /cipher/cipher-ocb.c
parent: c15409c49993166ab1325d45360b3a8fe72a5556 (diff)
download: libgcrypt-afab94d222425ecb838eb56cb0723bdaf3e5de36.tar.gz
1 files changed, 1 insertions, 3 deletions
diff --git a/cipher/cipher-ocb.c b/cipher/cipher-ocb.c
index be6b8dff..308b0495 100644
--- a/cipher/cipher-ocb.c
+++ b/cipher/cipher-ocb.c
@@ -141,11 +141,9 @@ void _gcry_cipher_ocb_setkey (gcry_cipher_hd_t c)
   double_block_cpy (c->u_mode.ocb.L[0], c->u_mode.ocb.L_dollar);
   for (i = 1; i < OCB_L_TABLE_SIZE; i++)
     double_block_cpy (c->u_mode.ocb.L[i], c->u_mode.ocb.L[i-1]);
-  /* Precalculated offsets L0+L1, L0+L1+L0 */
+  /* Precalculated offset L0+L1 */
   cipher_block_xor (c->u_mode.ocb.L0L1,
 		    c->u_mode.ocb.L[0], c->u_mode.ocb.L[1], OCB_BLOCK_LEN);
-  cipher_block_xor (c->u_mode.ocb.L0L1L0,
-		    c->u_mode.ocb.L[0], c->u_mode.ocb.L0L1, OCB_BLOCK_LEN);
 
   /* Cleanup */
   wipememory (ktop, sizeof ktop);
author	Jussi Kivilinna <jussi.kivilinna@iki.fi>	2019-01-27 12:55:22 +0200
committer	Jussi Kivilinna <jussi.kivilinna@iki.fi>	2019-01-27 12:55:22 +0200
commit	afab94d222425ecb838eb56cb0723bdaf3e5de36 (patch)
tree	3ef0517d57861f44c93b826ecfcad7c7b1bf7048 /cipher/cipher-ocb.c
parent	c15409c49993166ab1325d45360b3a8fe72a5556 (diff)
download	libgcrypt-afab94d222425ecb838eb56cb0723bdaf3e5de36.tar.gz