Re: [PATCH] cmac: add 64-bit mode CMAC
ni...@lysator.liu.se (Niels Möller) writes:

> I've now merged this and the cmac_des3 patch onto a branch "cmac64".

And now pushed to master, together with the documentation update.

Thanks,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
___
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs

Re: [PATCH] cmac: add 64-bit mode CMAC
Hello,

Thu, 11 Jul 2019 at 00:05, Niels Möller:
>
> Dmitry Eremin-Solenikov writes:
>
> > --- /dev/null > > +++ b/cmac64.c > > @@ -0,0 +1,177 @@ > > +/* > > + AES-CMAC-128 (rfc 4493) / CMAC-64
>
> I've now merged this and the cmac_des3 patch onto a branch "cmac64".

Thank you!

> What's an authoritative reference for cmac64 and cmac using des?
> RFC4493 doesn't seem quite right. Is it NIST SP 800-38B, mentioned in a
> comment with the tests?

Yes, it is.

-- 
With best wishes
Dmitry

Re: [PATCH] cmac: add 64-bit mode CMAC
Dmitry Eremin-Solenikov writes:

> --- /dev/null > +++ b/cmac64.c > @@ -0,0 +1,177 @@ > +/* > + AES-CMAC-128 (rfc 4493) / CMAC-64

I've now merged this and the cmac_des3 patch onto a branch "cmac64".

What's an authoritative reference for cmac64 and cmac using des?
RFC4493 doesn't seem quite right. Is it NIST SP 800-38B, mentioned in a
comment with the tests?

Regards,
/Niels

Re: [PATCH] cmac: add 64-bit mode CMAC
Hello,

Tue, 9 Jul 2019 at 00:56, Niels Möller:
>
> Dmitry Eremin-Solenikov writes:
>
> Patch looks nice, thanks! Is any of the implementation shared with
> cmac128? I think it would be nice to move it to a separate source file
> cmac64.c. Sharing the cmac.h header file is fine.

It shares LE_SHIFT(). I'll resend this patch as a followup.

> BTW, I'm sorry for the duplicated effort on nettle_block16 w; I'm
> traveling and online only sporadically, so I gave it a try without being
> up to date with your work.

No problem. Now you have two proposals and can compare them ;-)

-- 
With best wishes
Dmitry

Re: [PATCH] cmac: add 64-bit mode CMAC
Dmitry Eremin-Solenikov writes:

> Signed-off-by: Dmitry Eremin-Solenikov > --- > cmac.c | 125 - > cmac.h | 69 +++ > nettle-types.h | 6 +++ > 3 files changed, 199 insertions(+), 1 deletion(-) > > diff --git a/cmac.c b/cmac.c > index 70ce8132d9d1..36ad8e58e45e 100644 > --- a/cmac.c > +++ b/cmac.c > @@ -1,9 +1,10 @@ > /* > - AES-CMAC-128 (rfc 4493) > + AES-CMAC-128 (rfc 4493) / CMAC-64 > Copyright (C) Stefan Metzmacher 2012 > Copyright (C) Jeremy Allison 2012 > Copyright (C) Michael Adam 2012 > Copyright (C) 2017, Red Hat Inc. > + Copyright (C) 2019, Dmitry Eremin-Solenikov > > This file is part of GNU Nettle. > > @@ -57,6 +58,15 @@ _cmac128_block_mulx(union nettle_block16 *dst, >dst->u64[0] = (src->u64[0] << 1) | (src->u64[1] >> 63); >dst->u64[1] = (src->u64[1] << 1) ^ (0x87 & -carry); > } > + > +static void > +block_mulx8(union nettle_block8 *dst, > + const union nettle_block8 *src) > +{ > + uint64_t carry = src->u64 >> 63; > + > + dst->u64 = (src->u64 << 1) ^ (0x1b & -carry); > +} > #else /* !WORDS_BIGENDIAN */ > #define LE_SHIFT(x) x) & 0x7f7f7f7f7f7f7f7f) << 1) | \ > (((x) & 0x8080808080808080) >> 15)) > @@ -68,6 +78,15 @@ _cmac128_block_mulx(union nettle_block16 *dst, >dst->u64[0] = LE_SHIFT(src->u64[0]) | ((src->u64[1] & 0x80) << 49); >dst->u64[1] = LE_SHIFT(src->u64[1]) ^ (0x8700 & -carry); > }

Patch looks nice, thanks! Is any of the implementation shared with
cmac128? I think it would be nice to move it to a separate source file
cmac64.c. Sharing the cmac.h header file is fine.

BTW, I'm sorry for the duplicated effort on nettle_block16 w; I'm
traveling and online only sporadically, so I gave it a try without being
up to date with your work.

Regards,
/Niels
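
Review bot: the file header in the first cmac.c hunk (@@ -1,9 +1,10 @@) now reads "AES-CMAC-128 (rfc 4493) / CMAC-64", but RFC 4493 specifies only AES-CMAC with a 128-bit block, so the CMAC-64 half is left without a reference. Suggest citing NIST SP 800-38B in that comment, which the thread confirms is the source for the 64-bit variant and for CMAC over DES.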
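
Review bot: in block_mulx8 (hunk @@ -57,6 +58,15 @@) the reduction constant 0x1b is a bare literal, sitting next to the 0x87 used by _cmac128_block_mulx with nothing to say why the two differ. A one-line comment stating that 0x1b is the constant for 64-bit blocks (R_64 in NIST SP 800-38B) would let a reader check it against the spec. The masked form `(0x1b & -carry)` avoids a branch on key-derived data and should stay as written.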