OCB-AES: improve the calculation of double mask #6667
Conversation
crypto/modes/ocb128.c
Outdated
| @@ -74,7 +74,8 @@ static void ocb_double(OCB_BLOCK *in, OCB_BLOCK *out) | |||
| */ | |||
| mask = in->c[0] & 0x80; | |||
| mask >>= 7; | |||
| mask *= 135; | |||
| mask *= -1; | |||
| mask &= 135; | |||
There was a problem hiding this comment.
If one aims for multiplication removal, then I'd rather suggest mask = (0 - mask) & 135. It would be more readable, for following reason. There are implicit type conversions that take place here, and multiplication by -1 triggers more elaborate mental path to confirm that course of operations is free from undefined behaviour as defined by language standard. I would also suggest to replace 135 with hexadecimal for better readability.
crypto/modes/ocb128.c
Outdated
| @@ -74,7 +74,7 @@ static void ocb_double(OCB_BLOCK *in, OCB_BLOCK *out) | |||
| */ | |||
| mask = in->c[0] & 0x80; | |||
| mask >>= 7; | |||
| mask *= 135; | |||
| mask = -mask & 0x87; | |||
There was a problem hiding this comment.
Suggested (0 - mask) was not a coincidence. Microsoft compiler complains about unary minus with unsigned type. It's a warning, but we attempt to minimize warnings.
CLA: trivial
dot-asm
added
the
approval: review pending
|
Editorial note. The modified code is cipher-agnostic, yet subject speaks of AES. If I end up committing this I intend to replace "AES-OCB" in subject with "modes/ocb128.c". |
richsalz
added
approval: done
CLA: trivial Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #6667)
|
Merged. Thanks. |
Note that this improves performance.
CLA: trivial
Checklist