-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | gcm.c | 2 | ||||
-rw-r--r-- | ghash-internal.h | 9 | ||||
-rw-r--r-- | ghash-set-key.c | 6 | ||||
-rw-r--r-- | x86_64/pclmul/ghash-update.asm | 15 |
5 files changed, 6 insertions, 30 deletions
@@ -1,5 +1,9 @@ 2022-02-19 Niels Möller <nisse@lysator.liu.se> + * ghash-set-key.c (_ghash_digest): Deleted, and also deleted + assembly implementations. + * gcm.c (gcm_digest): Replace call to _ghash_digest with block16_xor. + * x86_64/pclmul/gcm-hash.asm: Deleted, split into two new files... * x86_64/pclmul/ghash-set-key.asm: New file. * x86_64/pclmul/ghash-update.asm: New file. @@ -258,7 +258,7 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, gcm_hash_sizes(key, &ctx->x, ctx->auth_size, ctx->data_size); f (cipher, GCM_BLOCK_SIZE, buffer.b, ctx->iv.b); - _ghash_digest (&ctx->x, &buffer); + block16_xor (&buffer, &ctx->x); memcpy (digest, buffer.b, length); return; diff --git a/ghash-internal.h b/ghash-internal.h index d0bfae1e..97dff024 100644 --- a/ghash-internal.h +++ b/ghash-internal.h @@ -38,7 +38,6 @@ /* Name mangling */ #define _ghash_set_key _nettle_ghash_set_key #define _ghash_update _nettle_ghash_update -#define _ghash_digest _nettle_ghash_digest #ifdef __cplusplus extern "C" { @@ -46,9 +45,7 @@ extern "C" { /* The CTX a struct gcm_key (even if struct ghash_key might be a more * appropriate name). An array of blocks, exact contents depends on - * the implementation. STATE is only a single block. Initial state is - * all zero, otherwise, usage (e.g., byte order) depends on - * implementation. */ + * the implementation. STATE is only a single block. */ /* Expands KEY as needed, for corresponding _ghash_update */ void @@ -61,10 +58,6 @@ const uint8_t * _ghash_update (const struct gcm_key *ctx, union nettle_block16 *state, size_t blocks, const uint8_t *data); -/* Produces final digest, and XORS into the digest block. */ -void -_ghash_digest (const union nettle_block16 *state, union nettle_block16 *digest); - #ifdef __cplusplus } #endif diff --git a/ghash-set-key.c b/ghash-set-key.c index fa3c5588..e8813a5e 100644 --- a/ghash-set-key.c +++ b/ghash-set-key.c 
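Review bot: The direct `block16_xor (&buffer, &ctx->x);` in gcm_digest now requires every `_ghash_update` implementation to leave STATE in the same byte representation as the final tag, yet nothing in the new code states this. The trimmed comment in ghash-internal.h (second hunk of that file) now says only "STATE is only a single block", and it also drops the "Initial state is all zero" sentence, which callers presumably still depend on. I would extend that comment with `STATE holds the GHASH value in the digest's byte order and starts out all zero; gcm_digest XORs it directly into the tag.` and put `/* ctx->x is kept in digest byte order by _ghash_update. */` above the XOR. Without that, a later platform-specific `_ghash_update` that keeps a byte-swapped or otherwise transformed state would build cleanly and silently produce wrong authentication tags. gcm_digest's body starts and ends outside the hunk.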
@@ -66,9 +66,3 @@ _ghash_set_key (struct gcm_key *ctx, const union nettle_block16 *key) block16_xor3 (&ctx->h[i+j], &ctx->h[i], &ctx->h[j]); } } - -void -_ghash_digest (const union nettle_block16 *state, union nettle_block16 *digest) -{ - block16_xor (digest, state); -} diff --git a/x86_64/pclmul/ghash-update.asm b/x86_64/pclmul/ghash-update.asm index 8a13958a..abb7865d 100644 --- a/x86_64/pclmul/ghash-update.asm +++ b/x86_64/pclmul/ghash-update.asm @@ -123,21 +123,6 @@ PROLOGUE(_nettle_ghash_update) ret EPILOGUE(_nettle_ghash_update) - C void _ghash_digest (const union nettle_block16 *state, - C union nettle_block16 *digest) - C state in %rdi, digest in %rsi -PROLOGUE(_nettle_ghash_digest) - W64_ENTRY(2) - mov (%rsi), %rax - mov 8(%rsi), %rdx - xor (%rdi), %rax - xor 8(%rdi), %rdx - mov %rax, (%rsi) - mov %rdx, 8(%rsi) - W64_EXIT(2) - ret -EPILOGUE(_nettle_ghash_digest) - RODATA C The GCM polynomial is x^{128} + x^7 + x^2 + x + 1, C but in bit-reversed representation, that is |