[keccak-asm] removing unnecessary c and d fields from context

2013-01-11 21:32:50 +01:00 · 2013-01-11 21:32:50 +01:00 · 628319e6c3
parent c224e9cb51
commit 628319e6c3
3 changed files with 82 additions and 43 deletions
--- a/keccak/keccak-asm.S
+++ b/keccak/keccak-asm.S
@ -43,10 +43,6 @@ ctx_a:
 	.struct ctx_a + 8 * 5 * 5
 ctx_r:
 	.struct ctx_r + 2
 ctx_c:
 	.struct ctx_c + 2
 ctx_d:
 	.struct ctx_d + 1
 ctx_bs:
 	.section .text
@ -544,15 +540,17 @@ icall_r16_times:
 */
 	; memcpy(a, b, 200)
 	; X points at b + 32 + 8 = b + 40 = b[1][0] has to point to b[0][0]
-	ldi r16, 200
+	ldi r16, 200 / 8
 	sbiw XL, 5 * 8
 	movw ZL, XL
 	subi YL, lo8(5 * 5 * 8)
 	sbci YH, hi8(5 * 5 * 8)
 	movw r2, YL
 10:
 	.rept 8
 	ld r22, X+
 	st Y+, r22
 	.endr
 	dec r16
 	brne 10b
@ -635,23 +633,25 @@ void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx){
 	memcpy(dest, ctx->a, (length_b+7)/8);
 }
 */
-	.global keccak_ctx2hash
+;	.global keccak_ctx2hash
-	.func keccak_ctx2hash
+;	.func keccak_ctx2hash
-keccak_ctx2hash:
+;keccak_ctx2hash:
 	push_range 2, 10
 	movw r4, r20
 	movw r6, r24
 	movw ZL, r24
 	movw r8, r22
 	subi ZL, lo8(-ctx_r)
-	subi ZH, hi8(-ctx_r)
+	sbci ZH, hi8(-ctx_r)
 	ld r2, Z+
 	ld r3, Z+
 	ldd r10, Z+3 ; load blocksize (in bytes)
 10:
-	cp  r8, r2
+	; length_b = (r9:r8) ; r = (r3:r2) ; (H:L)
-	cpc r9, r3
+	cp  r2, r8
-	brcc 40f
+	cpc r3, r9
 	rjmp 40f
 	brsh 40f
 	movw XL, r4
 	movw ZL, r6
 	mov r24, r10
@ -687,5 +687,5 @@ keccak_ctx2hash:
 99:
 	pop_range 2, 10
 	ret
-	.endfunc
+;	.endfunc
--- a/keccak/keccak-stub.c
+++ b/keccak/keccak-stub.c
@ -60,51 +60,92 @@ void keccak_dump_ctx(keccak_ctx_t* ctx){
 #endif
-void keccak_f1600(uint64_t a[5][5]);
+void keccak_f1600(uint8_t a[200]);
 void keccak_lastBlock(keccak_ctx_t* ctx, const void* block, uint16_t length_b){
-	while(length_b >= ctx->r){
+    uint8_t length_B;
    while(length_b >= ctx->r){
        keccak_nextBlock(ctx, block);
        block = (uint8_t*)block + ctx->bs;
        length_b -=  ctx->r;
    }
    length_B = length_b / 8;
    memxor(ctx->a, block, length_B);
    /* append 1 */
    if(length_b & 7){
        /* we have some single bits */
        uint8_t t;
        t = ((uint8_t*)block)[length_B] >> (8 - (length_b & 7));
        t |= 0x01 << (length_b & 7);
        ctx->a[length_B] ^= t;
    }else{
        ctx->a[length_B] ^= 0x01;
    }
    if(length_b == ctx->r - 1){
        keccak_f1600(ctx->a);
    }
    ctx->a[ctx->bs - 1] ^= 0x80;
    keccak_f1600(ctx->a);
 }
 #if 0
 void keccak_lastBlock(keccak_ctx_t* ctx, const void* block, uint16_t length_b){
    uint8_t length_B;
    while(length_b >= ctx->r){
 		keccak_nextBlock(ctx, block);
 		block = (uint8_t*)block + ctx->bs;
 		length_b -=  ctx->r;
 	}
-	memxor(ctx->a, block, (length_b)/8);
+    length_B = length_b / 8;
 	memxor(ctx->a, block, length_B);
 	/* append 1 */
 	if(length_b & 7){
 		/* we have some single bits */
 		uint8_t t;
-		t = ((uint8_t*)block)[length_b / 8] >> (8 - (length_b & 7));
+		t = ((uint8_t*)block)[length_B] >> (8 - (length_b & 7));
 		t |= 0x01 << (length_b & 7);
-		((uint8_t*)ctx->a)[length_b / 8] ^= t;
+		ctx->a[length_B] ^= t;
 	}else{
-	    ((uint8_t*)ctx->a)[length_b / 8] ^= 0x01;
+	    ctx->a[length_B] ^= 0x01;
 	}
-	if(length_b / 8 + 1 + 3 <= ctx->bs){
+	if(length_B + 1 + 3 <= ctx->bs){
-        *((uint8_t*)ctx->a + length_b / 8 + 1) ^= ctx->d;
+        ctx->a[length_B + 1] ^= ctx->d;
-        *((uint8_t*)ctx->a + length_b / 8 + 2) ^= ctx->bs;
+        ctx->a[length_B + 2] ^= ctx->bs;
-        *((uint8_t*)ctx->a + length_b / 8 + 3) ^= 1;
+        ctx->a[length_B + 3] ^= 1;
 	}else{
-		if(length_b / 8 + 1 + 2 <= ctx->bs){
+		if(length_B + 1 + 2 <= ctx->bs){
-            *((uint8_t*)ctx->a + length_b / 8 + 1) ^= ctx->d;
+            ctx->a[length_B + 1] ^= ctx->d;
-            *((uint8_t*)ctx->a + length_b / 8 + 2) ^= ctx->bs;
+            ctx->a[length_B + 2] ^= ctx->bs;
 			keccak_f1600(ctx->a);
 			((uint8_t*)ctx->a)[0] ^= 0x01;
 		}else{
-			if(length_b/8+1+1 <= ctx->bs){
+			if(length_B + 1 + 1 <= ctx->bs){
-				*((uint8_t*)ctx->a + length_b / 8 + 1) ^= ctx->d;
+				ctx->a[length_B + 1] ^= ctx->d;
 				keccak_f1600(ctx->a);
-				((uint8_t*)ctx->a)[0] ^= ctx->bs;
+				ctx->a[0] ^= ctx->bs;
-				((uint8_t*)ctx->a)[1] ^= 0x01;
+				ctx->a[1] ^= 0x01;
 			}else{
 				keccak_f1600(ctx->a);
-				((uint8_t*)ctx->a)[0] ^= ctx->d;
+				ctx->a[0] ^= ctx->d;
-				((uint8_t*)ctx->a)[1] ^= ctx->bs;
+				ctx->a[1] ^= ctx->bs;
-				((uint8_t*)ctx->a)[2] ^= 0x01;
+				ctx->a[2] ^= 0x01;
 			}
 		}
 	}
 	keccak_f1600(ctx->a);
 }
 #endif
 void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx){
    while(length_b>=ctx->r){
        memcpy(dest, ctx->a, ctx->bs);
        dest = (uint8_t*)dest + ctx->bs;
        length_b -= ctx->r;
        keccak_f1600(ctx->a);
    }
    memcpy(dest, ctx->a, (length_b+7)/8);
 }
 void keccak224_ctx2hash(void* dest, keccak_ctx_t* ctx){
 	keccak_ctx2hash(dest, 224, ctx);
@ -128,26 +169,24 @@ void keccak512_ctx2hash(void* dest, keccak_ctx_t* ctx){
  3. SHA3-384: ⌊Keccak[r =  832, c =  768, d = 48]⌋384
  4. SHA3-512: ⌊Keccak[r =  576, c = 1024, d = 64]⌋512
 */
-void keccak_init(uint16_t r, uint16_t c, uint8_t d, keccak_ctx_t* ctx){
+void keccak_init(uint16_t r, keccak_ctx_t* ctx){
 	memset(ctx->a, 0x00, 5 * 5 * 8);
 	ctx->r = r;
 	ctx->c = c;
 	ctx->d = d;
 	ctx->bs = (uint8_t)(r / 8);
 }
 void keccak224_init(keccak_ctx_t* ctx){
-	keccak_init(1152, 448, 28, ctx);
+	keccak_init(1152, ctx);
 }
 void keccak256_init(keccak_ctx_t* ctx){
-	keccak_init(1088, 512, 32, ctx);
+	keccak_init(1088, ctx);
 }
 void keccak384_init(keccak_ctx_t* ctx){
-	keccak_init( 832, 768, 48, ctx);
+	keccak_init( 832, ctx);
 }
 void keccak512_init(keccak_ctx_t* ctx){
-	keccak_init( 576, 1024, 64, ctx);
+	keccak_init( 576, ctx);
 }
--- a/keccak/keccak.h
+++ b/keccak/keccak.h
@ -32,9 +32,9 @@
 #define KECCAK512_BLOCKSIZE_B (KECCAK512_BLOCKSIZE / 8)
 typedef struct{
-	uint64_t a[5][5];
+	uint8_t a[200];
-	uint16_t r, c;
+	uint16_t r;
-	uint8_t  d, bs;
+	uint8_t  bs;
 } keccak_ctx_t;