aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/crypto
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2016-12-11 14:25:28 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2016-12-11 14:25:28 +0100
commit915507020046c9488f277d523c22bb12995e14ea (patch)
tree0bcde034f2f71ef6091a3cdb3793c09d43ce0f89 /src/crypto
parentreceive: simplify ip header checking logic (diff)
downloadwireguard-monolithic-historical-915507020046c9488f277d523c22bb12995e14ea.tar.xz
wireguard-monolithic-historical-915507020046c9488f277d523c22bb12995e14ea.zip
global: move to consistent use of uN instead of uintN_t for kernel code
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/blake2s.c76
-rw-r--r--src/crypto/blake2s.h22
-rw-r--r--src/crypto/chacha20poly1305.c60
-rw-r--r--src/crypto/chacha20poly1305.h20
-rw-r--r--src/crypto/curve25519.c424
-rw-r--r--src/crypto/curve25519.h6
-rw-r--r--src/crypto/siphash24.c44
-rw-r--r--src/crypto/siphash24.h2
8 files changed, 327 insertions, 327 deletions
diff --git a/src/crypto/blake2s.c b/src/crypto/blake2s.c
index b8a7535..cd9691a 100644
--- a/src/crypto/blake2s.c
+++ b/src/crypto/blake2s.c
@@ -10,24 +10,24 @@
#include <linux/kernel.h>
typedef struct {
- uint8_t digest_length;
- uint8_t key_length;
- uint8_t fanout;
- uint8_t depth;
- uint32_t leaf_length;
- uint8_t node_offset[6];
- uint8_t node_depth;
- uint8_t inner_length;
- uint8_t salt[8];
- uint8_t personal[8];
+ u8 digest_length;
+ u8 key_length;
+ u8 fanout;
+ u8 depth;
+ u32 leaf_length;
+ u8 node_offset[6];
+ u8 node_depth;
+ u8 inner_length;
+ u8 salt[8];
+ u8 personal[8];
} __packed blake2s_param;
-static const uint32_t blake2s_iv[8] = {
+static const u32 blake2s_iv[8] = {
0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
};
-static const uint8_t blake2s_sigma[10][16] = {
+static const u8 blake2s_sigma[10][16] = {
{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
{14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
{11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
@@ -40,7 +40,7 @@ static const uint8_t blake2s_sigma[10][16] = {
{10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0},
};
-static inline uint32_t rotr32(const uint32_t w, const uint8_t c)
+static inline u32 rotr32(const u32 w, const u8 c)
{
return (w >> c) | (w << (32 - c));
}
@@ -57,7 +57,7 @@ static inline void blake2s_set_lastblock(struct blake2s_state *state)
state->f[0] = -1;
}
-static inline void blake2s_increment_counter(struct blake2s_state *state, const uint32_t inc)
+static inline void blake2s_increment_counter(struct blake2s_state *state, const u32 inc)
{
state->t[0] += inc;
state->t[1] += (state->t[0] < inc);
@@ -67,18 +67,18 @@ static inline void blake2s_increment_counter(struct blake2s_state *state, const
__attribute__((optimize("unroll-loops")))
static inline void blake2s_init_param(struct blake2s_state *state, const blake2s_param *param)
{
- const uint32_t *p;
+ const u32 *p;
int i;
memset(state, 0, sizeof(struct blake2s_state));
for (i = 0; i < 8; ++i)
state->h[i] = blake2s_iv[i];
- p = (const uint32_t *)param;
+ p = (const u32 *)param;
/* IV XOR ParamBlock */
for (i = 0; i < 8; ++i)
state->h[i] ^= le32_to_cpuvp(&p[i]);
}
-void blake2s_init(struct blake2s_state *state, const uint8_t outlen)
+void blake2s_init(struct blake2s_state *state, const u8 outlen)
{
blake2s_param param = {
.digest_length = outlen,
@@ -92,7 +92,7 @@ void blake2s_init(struct blake2s_state *state, const uint8_t outlen)
blake2s_init_param(state, &param);
}
-void blake2s_init_key(struct blake2s_state *state, const uint8_t outlen, const void *key, const uint8_t keylen)
+void blake2s_init_key(struct blake2s_state *state, const u8 outlen, const void *key, const u8 keylen)
{
blake2s_param param = {
.digest_length = outlen,
@@ -100,7 +100,7 @@ void blake2s_init_key(struct blake2s_state *state, const uint8_t outlen, const v
.fanout = 1,
.depth = 1
};
- uint8_t block[BLAKE2S_BLOCKBYTES] = { 0 };
+ u8 block[BLAKE2S_BLOCKBYTES] = { 0 };
#ifdef DEBUG
BUG_ON(!outlen || outlen > BLAKE2S_OUTBYTES || !key || !keylen || keylen > BLAKE2S_KEYBYTES);
@@ -112,10 +112,10 @@ void blake2s_init_key(struct blake2s_state *state, const uint8_t outlen, const v
}
__attribute__((optimize("unroll-loops")))
-static inline void blake2s_compress(struct blake2s_state *state, const uint8_t block[BLAKE2S_BLOCKBYTES])
+static inline void blake2s_compress(struct blake2s_state *state, const u8 block[BLAKE2S_BLOCKBYTES])
{
- uint32_t m[16];
- uint32_t v[16];
+ u32 m[16];
+ u32 v[16];
int i;
for (i = 0; i < 16; ++i)
@@ -171,7 +171,7 @@ static inline void blake2s_compress(struct blake2s_state *state, const uint8_t b
#undef ROUND
}
-void blake2s_update(struct blake2s_state *state, const uint8_t *in, uint64_t inlen)
+void blake2s_update(struct blake2s_state *state, const u8 *in, u64 inlen)
{
size_t left, fill;
while (inlen > 0) {
@@ -197,9 +197,9 @@ void blake2s_update(struct blake2s_state *state, const uint8_t *in, uint64_t inl
}
__attribute__((optimize("unroll-loops")))
-void blake2s_final(struct blake2s_state *state, uint8_t *out, uint8_t outlen)
+void blake2s_final(struct blake2s_state *state, u8 *out, u8 outlen)
{
- uint8_t buffer[BLAKE2S_OUTBYTES] = { 0 };
+ u8 buffer[BLAKE2S_OUTBYTES] = { 0 };
int i;
#ifdef DEBUG
@@ -213,7 +213,7 @@ void blake2s_final(struct blake2s_state *state, uint8_t *out, uint8_t outlen)
memcpy(state->buf, state->buf + BLAKE2S_BLOCKBYTES, state->buflen);
}
- blake2s_increment_counter(state, (uint32_t) state->buflen);
+ blake2s_increment_counter(state, (u32) state->buflen);
blake2s_set_lastblock(state);
memset(state->buf + state->buflen, 0, 2 * BLAKE2S_BLOCKBYTES - state->buflen); /* Padding */
blake2s_compress(state, state->buf);
@@ -228,7 +228,7 @@ void blake2s_final(struct blake2s_state *state, uint8_t *out, uint8_t outlen)
memzero_explicit(state, sizeof(struct blake2s_state));
}
-void blake2s(uint8_t *out, const uint8_t *in, const uint8_t *key, const uint8_t outlen, uint64_t inlen, const uint8_t keylen)
+void blake2s(u8 *out, const u8 *in, const u8 *key, const u8 outlen, u64 inlen, const u8 keylen)
{
struct blake2s_state state;
@@ -246,12 +246,12 @@ void blake2s(uint8_t *out, const uint8_t *in, const uint8_t *key, const uint8_t
}
__attribute__((optimize("unroll-loops")))
-void blake2s_hmac(uint8_t *out, const uint8_t *in, const uint8_t *key, const uint8_t outlen, const uint64_t inlen, const uint64_t keylen)
+void blake2s_hmac(u8 *out, const u8 *in, const u8 *key, const u8 outlen, const u64 inlen, const u64 keylen)
{
struct blake2s_state state;
- uint8_t o_key[BLAKE2S_BLOCKBYTES] = { 0 };
- uint8_t i_key[BLAKE2S_BLOCKBYTES] = { 0 };
- uint8_t i_hash[BLAKE2S_OUTBYTES];
+ u8 o_key[BLAKE2S_BLOCKBYTES] = { 0 };
+ u8 i_key[BLAKE2S_BLOCKBYTES] = { 0 };
+ u8 i_hash[BLAKE2S_OUTBYTES];
int i;
if (keylen > BLAKE2S_BLOCKBYTES) {
@@ -286,7 +286,7 @@ void blake2s_hmac(uint8_t *out, const uint8_t *in, const uint8_t *key, const uin
}
#ifdef DEBUG
-static const uint8_t blake2s_testvecs[][BLAKE2S_OUTBYTES] = {
+static const u8 blake2s_testvecs[][BLAKE2S_OUTBYTES] = {
{ 0x69, 0x21, 0x7A, 0x30, 0x79, 0x90, 0x80, 0x94, 0xE1, 0x11, 0x21, 0xD0, 0x42, 0x35, 0x4A, 0x7C, 0x1F, 0x55, 0xB6, 0x48, 0x2C, 0xA1, 0xA5, 0x1E, 0x1B, 0x25, 0x0D, 0xFD, 0x1E, 0xD0, 0xEE, 0xF9 },
{ 0xE3, 0x4D, 0x74, 0xDB, 0xAF, 0x4F, 0xF4, 0xC6, 0xAB, 0xD8, 0x71, 0xCC, 0x22, 0x04, 0x51, 0xD2, 0xEA, 0x26, 0x48, 0x84, 0x6C, 0x77, 0x57, 0xFB, 0xAA, 0xC8, 0x2F, 0xE5, 0x1A, 0xD6, 0x4B, 0xEA },
{ 0xDD, 0xAD, 0x9A, 0xB1, 0x5D, 0xAC, 0x45, 0x49, 0xBA, 0x42, 0xF4, 0x9D, 0x26, 0x24, 0x96, 0xBE, 0xF6, 0xC0, 0xBA, 0xE1, 0xDD, 0x34, 0x2A, 0x88, 0x08, 0xF8, 0xEA, 0x26, 0x7C, 0x6E, 0x21, 0x0C },
@@ -545,7 +545,7 @@ static const uint8_t blake2s_testvecs[][BLAKE2S_OUTBYTES] = {
{ 0xF0, 0x3F, 0x57, 0x89, 0xD3, 0x33, 0x6B, 0x80, 0xD0, 0x02, 0xD5, 0x9F, 0xDF, 0x91, 0x8B, 0xDB, 0x77, 0x5B, 0x00, 0x95, 0x6E, 0xD5, 0x52, 0x8E, 0x86, 0xAA, 0x99, 0x4A, 0xCB, 0x38, 0xFE, 0x2D }
};
-static const uint8_t blake2s_keyed_testvecs[][BLAKE2S_OUTBYTES] = {
+static const u8 blake2s_keyed_testvecs[][BLAKE2S_OUTBYTES] = {
{ 0x48, 0xA8, 0x99, 0x7D, 0xA4, 0x07, 0x87, 0x6B, 0x3D, 0x79, 0xC0, 0xD9, 0x23, 0x25, 0xAD, 0x3B, 0x89, 0xCB, 0xB7, 0x54, 0xD8, 0x6A, 0xB7, 0x1A, 0xEE, 0x04, 0x7A, 0xD3, 0x45, 0xFD, 0x2C, 0x49 },
{ 0x40, 0xD1, 0x5F, 0xEE, 0x7C, 0x32, 0x88, 0x30, 0x16, 0x6A, 0xC3, 0xF9, 0x18, 0x65, 0x0F, 0x80, 0x7E, 0x7E, 0x01, 0xE1, 0x77, 0x25, 0x8C, 0xDC, 0x0A, 0x39, 0xB1, 0x1F, 0x59, 0x80, 0x66, 0xF1 },
{ 0x6B, 0xB7, 0x13, 0x00, 0x64, 0x4C, 0xD3, 0x99, 0x1B, 0x26, 0xCC, 0xD4, 0xD2, 0x74, 0xAC, 0xD1, 0xAD, 0xEA, 0xB8, 0xB1, 0xD7, 0x91, 0x45, 0x46, 0xC1, 0x19, 0x8B, 0xBE, 0x9F, 0xC9, 0xD8, 0x03 },
@@ -806,17 +806,17 @@ static const uint8_t blake2s_keyed_testvecs[][BLAKE2S_OUTBYTES] = {
bool blake2s_selftest(void)
{
- uint8_t key[BLAKE2S_KEYBYTES];
- uint8_t buf[ARRAY_SIZE(blake2s_testvecs)];
- uint8_t hash[BLAKE2S_OUTBYTES];
+ u8 key[BLAKE2S_KEYBYTES];
+ u8 buf[ARRAY_SIZE(blake2s_testvecs)];
+ u8 hash[BLAKE2S_OUTBYTES];
size_t i;
bool success = true;
for (i = 0; i < BLAKE2S_KEYBYTES; ++i)
- key[i] = (uint8_t)i;
+ key[i] = (u8)i;
for (i = 0; i < ARRAY_SIZE(blake2s_testvecs); ++i)
- buf[i] = (uint8_t)i;
+ buf[i] = (u8)i;
for (i = 0; i < ARRAY_SIZE(blake2s_keyed_testvecs); ++i) {
blake2s(hash, buf, key, BLAKE2S_OUTBYTES, i, BLAKE2S_KEYBYTES);
diff --git a/src/crypto/blake2s.h b/src/crypto/blake2s.h
index ed7ea50..21ba298 100644
--- a/src/crypto/blake2s.h
+++ b/src/crypto/blake2s.h
@@ -12,22 +12,22 @@ enum blake2s_lengths {
};
struct blake2s_state {
- uint32_t h[8];
- uint32_t t[2];
- uint32_t f[2];
- uint8_t buf[2 * BLAKE2S_BLOCKBYTES];
+ u32 h[8];
+ u32 t[2];
+ u32 f[2];
+ u8 buf[2 * BLAKE2S_BLOCKBYTES];
size_t buflen;
- uint8_t last_node;
+ u8 last_node;
};
-void blake2s(uint8_t *out, const uint8_t *in, const uint8_t *key, const uint8_t outlen, const uint64_t inlen, const uint8_t keylen);
+void blake2s(u8 *out, const u8 *in, const u8 *key, const u8 outlen, const u64 inlen, const u8 keylen);
-void blake2s_init(struct blake2s_state *state, const uint8_t outlen);
-void blake2s_init_key(struct blake2s_state *state, const uint8_t outlen, const void *key, const uint8_t keylen);
-void blake2s_update(struct blake2s_state *state, const uint8_t *in, uint64_t inlen);
-void blake2s_final(struct blake2s_state *state, uint8_t *out, uint8_t outlen);
+void blake2s_init(struct blake2s_state *state, const u8 outlen);
+void blake2s_init_key(struct blake2s_state *state, const u8 outlen, const void *key, const u8 keylen);
+void blake2s_update(struct blake2s_state *state, const u8 *in, u64 inlen);
+void blake2s_final(struct blake2s_state *state, u8 *out, u8 outlen);
-void blake2s_hmac(uint8_t *out, const uint8_t *in, const uint8_t *key, const uint8_t outlen, const uint64_t inlen, const uint64_t keylen);
+void blake2s_hmac(u8 *out, const u8 *in, const u8 *key, const u8 outlen, const u64 inlen, const u64 keylen);
#ifdef DEBUG
bool blake2s_selftest(void);
diff --git a/src/crypto/chacha20poly1305.c b/src/crypto/chacha20poly1305.c
index 96e39bf..a7421d6 100644
--- a/src/crypto/chacha20poly1305.c
+++ b/src/crypto/chacha20poly1305.c
@@ -472,7 +472,7 @@ static void poly1305_finish(struct poly1305_ctx *ctx, u8 *dst)
f = (f >> 32) + h3 + ctx->s[3]; mac[3] = cpu_to_le32(f);
}
-static const uint8_t pad0[16] = { 0 };
+static const u8 pad0[16] = { 0 };
static struct crypto_alg chacha20_alg = {
.cra_blocksize = 1,
@@ -487,18 +487,18 @@ static struct blkcipher_desc chacha20_desc = {
.tfm = &chacha20_cipher
};
-bool chacha20poly1305_encrypt(uint8_t *dst, const uint8_t *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN])
+bool chacha20poly1305_encrypt(u8 *dst, const u8 *src, const size_t src_len,
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN])
{
struct poly1305_ctx poly1305_state;
struct chacha20_ctx chacha20_state;
- uint8_t block0[CHACHA20_BLOCK_SIZE] = { 0 };
+ u8 block0[CHACHA20_BLOCK_SIZE] = { 0 };
__le64 len;
__le64 le_nonce = cpu_to_le64(nonce);
bool have_simd = chacha20poly1305_init_simd();
- chacha20_keysetup(&chacha20_state, key, (uint8_t *)&le_nonce);
+ chacha20_keysetup(&chacha20_state, key, (u8 *)&le_nonce);
chacha20_crypt(&chacha20_state, block0, block0, sizeof(block0), have_simd);
poly1305_init(&poly1305_state, block0);
@@ -513,10 +513,10 @@ bool chacha20poly1305_encrypt(uint8_t *dst, const uint8_t *src, const size_t src
poly1305_update(&poly1305_state, pad0, (0x10 - src_len) & 0xf, have_simd);
len = cpu_to_le64(ad_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
len = cpu_to_le64(src_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
poly1305_finish(&poly1305_state, dst + src_len);
@@ -529,19 +529,19 @@ bool chacha20poly1305_encrypt(uint8_t *dst, const uint8_t *src, const size_t src
}
bool chacha20poly1305_encrypt_sg(struct scatterlist *dst, struct scatterlist *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN],
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN],
bool have_simd)
{
struct poly1305_ctx poly1305_state;
struct chacha20_ctx chacha20_state;
struct blkcipher_walk walk;
- uint8_t block0[CHACHA20_BLOCK_SIZE] = { 0 };
- uint8_t mac[POLY1305_MAC_SIZE];
+ u8 block0[CHACHA20_BLOCK_SIZE] = { 0 };
+ u8 mac[POLY1305_MAC_SIZE];
__le64 len;
__le64 le_nonce = cpu_to_le64(nonce);
- chacha20_keysetup(&chacha20_state, key, (uint8_t *)&le_nonce);
+ chacha20_keysetup(&chacha20_state, key, (u8 *)&le_nonce);
chacha20_crypt(&chacha20_state, block0, block0, sizeof(block0), have_simd);
poly1305_init(&poly1305_state, block0);
@@ -569,10 +569,10 @@ bool chacha20poly1305_encrypt_sg(struct scatterlist *dst, struct scatterlist *sr
poly1305_update(&poly1305_state, pad0, (0x10 - src_len) & 0xf, have_simd);
len = cpu_to_le64(ad_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
len = cpu_to_le64(src_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
poly1305_finish(&poly1305_state, mac);
scatterwalk_map_and_copy(mac, dst, src_len, sizeof(mac), 1);
@@ -582,15 +582,15 @@ bool chacha20poly1305_encrypt_sg(struct scatterlist *dst, struct scatterlist *sr
return true;
}
-bool chacha20poly1305_decrypt(uint8_t *dst, const uint8_t *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN])
+bool chacha20poly1305_decrypt(u8 *dst, const u8 *src, const size_t src_len,
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN])
{
struct poly1305_ctx poly1305_state;
struct chacha20_ctx chacha20_state;
int ret;
- uint8_t block0[CHACHA20_BLOCK_SIZE] = { 0 };
- uint8_t mac[POLY1305_MAC_SIZE];
+ u8 block0[CHACHA20_BLOCK_SIZE] = { 0 };
+ u8 mac[POLY1305_MAC_SIZE];
size_t dst_len;
__le64 len;
__le64 le_nonce = cpu_to_le64(nonce);
@@ -601,7 +601,7 @@ bool chacha20poly1305_decrypt(uint8_t *dst, const uint8_t *src, const size_t src
have_simd = chacha20poly1305_init_simd();
- chacha20_keysetup(&chacha20_state, key, (uint8_t *)&le_nonce);
+ chacha20_keysetup(&chacha20_state, key, (u8 *)&le_nonce);
chacha20_crypt(&chacha20_state, block0, block0, sizeof(block0), have_simd);
poly1305_init(&poly1305_state, block0);
@@ -615,10 +615,10 @@ bool chacha20poly1305_decrypt(uint8_t *dst, const uint8_t *src, const size_t src
poly1305_update(&poly1305_state, pad0, (0x10 - dst_len) & 0xf, have_simd);
len = cpu_to_le64(ad_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
len = cpu_to_le64(dst_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
poly1305_finish(&poly1305_state, mac);
memzero_explicit(&poly1305_state, sizeof(poly1305_state));
@@ -635,15 +635,15 @@ bool chacha20poly1305_decrypt(uint8_t *dst, const uint8_t *src, const size_t src
}
bool chacha20poly1305_decrypt_sg(struct scatterlist *dst, struct scatterlist *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN])
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN])
{
struct poly1305_ctx poly1305_state;
struct chacha20_ctx chacha20_state;
struct blkcipher_walk walk;
int ret;
- uint8_t block0[CHACHA20_BLOCK_SIZE] = { 0 };
- uint8_t read_mac[POLY1305_MAC_SIZE], computed_mac[POLY1305_MAC_SIZE];
+ u8 block0[CHACHA20_BLOCK_SIZE] = { 0 };
+ u8 read_mac[POLY1305_MAC_SIZE], computed_mac[POLY1305_MAC_SIZE];
size_t dst_len;
__le64 len;
__le64 le_nonce = cpu_to_le64(nonce);
@@ -654,7 +654,7 @@ bool chacha20poly1305_decrypt_sg(struct scatterlist *dst, struct scatterlist *sr
have_simd = chacha20poly1305_init_simd();
- chacha20_keysetup(&chacha20_state, key, (uint8_t *)&le_nonce);
+ chacha20_keysetup(&chacha20_state, key, (u8 *)&le_nonce);
chacha20_crypt(&chacha20_state, block0, block0, sizeof(block0), have_simd);
poly1305_init(&poly1305_state, block0);
@@ -683,10 +683,10 @@ bool chacha20poly1305_decrypt_sg(struct scatterlist *dst, struct scatterlist *sr
poly1305_update(&poly1305_state, pad0, (0x10 - dst_len) & 0xf, have_simd);
len = cpu_to_le64(ad_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
len = cpu_to_le64(dst_len);
- poly1305_update(&poly1305_state, (uint8_t *)&len, sizeof(len), have_simd);
+ poly1305_update(&poly1305_state, (u8 *)&len, sizeof(len), have_simd);
poly1305_finish(&poly1305_state, computed_mac);
memzero_explicit(&poly1305_state, sizeof(poly1305_state));
diff --git a/src/crypto/chacha20poly1305.h b/src/crypto/chacha20poly1305.h
index 4ffcd1e..2ae9ff5 100644
--- a/src/crypto/chacha20poly1305.h
+++ b/src/crypto/chacha20poly1305.h
@@ -14,22 +14,22 @@ enum chacha20poly1305_lengths {
void chacha20poly1305_init(void);
-bool chacha20poly1305_encrypt(uint8_t *dst, const uint8_t *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN]);
+bool chacha20poly1305_encrypt(u8 *dst, const u8 *src, const size_t src_len,
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN]);
bool chacha20poly1305_encrypt_sg(struct scatterlist *dst, struct scatterlist *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN],
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN],
bool have_simd);
-bool chacha20poly1305_decrypt(uint8_t *dst, const uint8_t *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN]);
+bool chacha20poly1305_decrypt(u8 *dst, const u8 *src, const size_t src_len,
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN]);
bool chacha20poly1305_decrypt_sg(struct scatterlist *dst, struct scatterlist *src, const size_t src_len,
- const uint8_t *ad, const size_t ad_len,
- const uint64_t nonce, const uint8_t key[CHACHA20POLY1305_KEYLEN]);
+ const u8 *ad, const size_t ad_len,
+ const u64 nonce, const u8 key[CHACHA20POLY1305_KEYLEN]);
#ifdef CONFIG_X86_64
#include <linux/version.h>
diff --git a/src/crypto/curve25519.c b/src/crypto/curve25519.c
index 41eeea8..ede5f10 100644
--- a/src/crypto/curve25519.c
+++ b/src/crypto/curve25519.c
@@ -16,7 +16,7 @@
#undef ARCH_HAS_SEPARATE_IRQ_STACK
#endif
-static __always_inline void normalize_secret(uint8_t secret[CURVE25519_POINT_SIZE])
+static __always_inline void normalize_secret(u8 secret[CURVE25519_POINT_SIZE])
{
secret[0] &= 248;
secret[31] &= 127;
@@ -24,7 +24,7 @@ static __always_inline void normalize_secret(uint8_t secret[CURVE25519_POINT_SIZ
}
#ifdef __SIZEOF_INT128__
-typedef uint64_t limb;
+typedef u64 limb;
typedef limb felem[5];
typedef __uint128_t uint128_t;
@@ -180,18 +180,18 @@ static __always_inline void fsquare_times(felem output, const felem in, limb cou
}
/* Load a little-endian 64-bit number */
-static inline limb load_limb(const uint8_t *in)
+static inline limb load_limb(const u8 *in)
{
- return le64_to_cpu(*(uint64_t *)in);
+ return le64_to_cpu(*(u64 *)in);
}
-static inline void store_limb(uint8_t *out, limb in)
+static inline void store_limb(u8 *out, limb in)
{
- *(uint64_t *)out = cpu_to_le64(in);
+ *(u64 *)out = cpu_to_le64(in);
}
/* Take a little-endian, 32-byte number and expand it into polynomial form */
-static inline void fexpand(limb *output, const uint8_t *in)
+static inline void fexpand(limb *output, const u8 *in)
{
output[0] = load_limb(in) & 0x7ffffffffffffUL;
output[1] = (load_limb(in + 6) >> 3) & 0x7ffffffffffffUL;
@@ -203,7 +203,7 @@ static inline void fexpand(limb *output, const uint8_t *in)
/* Take a fully reduced polynomial form number and contract it into a
* little-endian, 32-byte array
*/
-static void fcontract(uint8_t *output, const felem input)
+static void fcontract(u8 *output, const felem input)
{
uint128_t t[5];
@@ -324,7 +324,7 @@ static void swap_conditional(limb a[5], limb b[5], limb iswap)
* n: a little endian, 32-byte number
* q: a point of the curve (short form)
*/
-static void cmult(limb *resultx, limb *resultz, const uint8_t *n, const limb *q)
+static void cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q)
{
limb a[5] = {0}, b[5] = {1}, c[5] = {1}, d[5] = {0};
limb *nqpqx = a, *nqpqz = b, *nqx = c, *nqz = d, *t;
@@ -336,7 +336,7 @@ static void cmult(limb *resultx, limb *resultz, const uint8_t *n, const limb *q)
memcpy(nqpqx, q, sizeof(limb) * 5);
for (i = 0; i < 32; ++i) {
- uint8_t byte = n[31 - i];
+ u8 byte = n[31 - i];
for (j = 0; j < 8; ++j) {
const limb bit = byte >> 7;
@@ -399,10 +399,10 @@ static void crecip(felem out, const felem z)
/* 2^255 - 21 */ fmul(out, t0, a);
}
-void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE], const uint8_t basepoint[CURVE25519_POINT_SIZE])
+void curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE])
{
limb bp[5], x[5], z[5], zmone[5];
- uint8_t e[32];
+ u8 e[32];
memcpy(e, secret, 32);
normalize_secret(e);
@@ -421,7 +421,7 @@ void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CU
}
#else
-typedef int64_t limb;
+typedef s64 limb;
/* Field element representation:
*
@@ -466,106 +466,106 @@ static void fscalar_product(limb *output, const limb *in, const limb scalar)
* output[x] <= 14 * the largest product of the input limbs. */
static void fproduct(limb *output, const limb *in2, const limb *in)
{
- output[0] = ((limb) ((int32_t) in2[0])) * ((int32_t) in[0]);
- output[1] = ((limb) ((int32_t) in2[0])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[0]);
- output[2] = 2 * ((limb) ((int32_t) in2[1])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[0]);
- output[3] = ((limb) ((int32_t) in2[1])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[0]);
- output[4] = ((limb) ((int32_t) in2[2])) * ((int32_t) in[2]) +
- 2 * (((limb) ((int32_t) in2[1])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[1])) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[0]);
- output[5] = ((limb) ((int32_t) in2[2])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[0]);
- output[6] = 2 * (((limb) ((int32_t) in2[3])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[1])) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[0]);
- output[7] = ((limb) ((int32_t) in2[3])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[0]);
- output[8] = ((limb) ((int32_t) in2[4])) * ((int32_t) in[4]) +
- 2 * (((limb) ((int32_t) in2[3])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[1])) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[0]);
- output[9] = ((limb) ((int32_t) in2[4])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in2[0])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[0]);
- output[10] = 2 * (((limb) ((int32_t) in2[5])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[1])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[1])) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[2]);
- output[11] = ((limb) ((int32_t) in2[5])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in2[2])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[2]);
- output[12] = ((limb) ((int32_t) in2[6])) * ((int32_t) in[6]) +
- 2 * (((limb) ((int32_t) in2[5])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[3])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[3])) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[4]);
- output[13] = ((limb) ((int32_t) in2[6])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[7])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in2[4])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[4]);
- output[14] = 2 * (((limb) ((int32_t) in2[7])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[5])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[5])) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[6]);
- output[15] = ((limb) ((int32_t) in2[7])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in2[8])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in2[6])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[6]);
- output[16] = ((limb) ((int32_t) in2[8])) * ((int32_t) in[8]) +
- 2 * (((limb) ((int32_t) in2[7])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[7]));
- output[17] = ((limb) ((int32_t) in2[8])) * ((int32_t) in[9]) +
- ((limb) ((int32_t) in2[9])) * ((int32_t) in[8]);
- output[18] = 2 * ((limb) ((int32_t) in2[9])) * ((int32_t) in[9]);
+ output[0] = ((limb) ((s32) in2[0])) * ((s32) in[0]);
+ output[1] = ((limb) ((s32) in2[0])) * ((s32) in[1]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[0]);
+ output[2] = 2 * ((limb) ((s32) in2[1])) * ((s32) in[1]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[2])) * ((s32) in[0]);
+ output[3] = ((limb) ((s32) in2[1])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[2])) * ((s32) in[1]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[0]);
+ output[4] = ((limb) ((s32) in2[2])) * ((s32) in[2]) +
+ 2 * (((limb) ((s32) in2[1])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[1])) +
+ ((limb) ((s32) in2[0])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[4])) * ((s32) in[0]);
+ output[5] = ((limb) ((s32) in2[2])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[4])) * ((s32) in[1]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[0]);
+ output[6] = 2 * (((limb) ((s32) in2[3])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[1])) +
+ ((limb) ((s32) in2[2])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[4])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[0]);
+ output[7] = ((limb) ((s32) in2[3])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[4])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[2])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[1]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[0]);
+ output[8] = ((limb) ((s32) in2[4])) * ((s32) in[4]) +
+ 2 * (((limb) ((s32) in2[3])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[1])) +
+ ((limb) ((s32) in2[2])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[0]);
+ output[9] = ((limb) ((s32) in2[4])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[2])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[2]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[1]) +
+ ((limb) ((s32) in2[0])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[0]);
+ output[10] = 2 * (((limb) ((s32) in2[5])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[1])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[1])) +
+ ((limb) ((s32) in2[4])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[2])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[2]);
+ output[11] = ((limb) ((s32) in2[5])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[4])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[4]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[3]) +
+ ((limb) ((s32) in2[2])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[2]);
+ output[12] = ((limb) ((s32) in2[6])) * ((s32) in[6]) +
+ 2 * (((limb) ((s32) in2[5])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[3])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[3])) +
+ ((limb) ((s32) in2[4])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[4]);
+ output[13] = ((limb) ((s32) in2[6])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[7])) * ((s32) in[6]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[5]) +
+ ((limb) ((s32) in2[4])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[4]);
+ output[14] = 2 * (((limb) ((s32) in2[7])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[5])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[5])) +
+ ((limb) ((s32) in2[6])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[6]);
+ output[15] = ((limb) ((s32) in2[7])) * ((s32) in[8]) +
+ ((limb) ((s32) in2[8])) * ((s32) in[7]) +
+ ((limb) ((s32) in2[6])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[6]);
+ output[16] = ((limb) ((s32) in2[8])) * ((s32) in[8]) +
+ 2 * (((limb) ((s32) in2[7])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[7]));
+ output[17] = ((limb) ((s32) in2[8])) * ((s32) in[9]) +
+ ((limb) ((s32) in2[9])) * ((s32) in[8]);
+ output[18] = 2 * ((limb) ((s32) in2[9])) * ((s32) in[9]);
}
/* Reduce a long form to a short form by taking the input mod 2^255 - 19.
@@ -617,11 +617,11 @@ static void freduce_degree(limb *output)
static inline limb div_by_2_26(const limb v)
{
/* High word of v; no shift needed. */
- const uint32_t highword = (uint32_t) (((uint64_t) v) >> 32);
+ const u32 highword = (u32) (((u64) v) >> 32);
/* Set to all 1s if v was negative; else set to 0s. */
- const int32_t sign = ((int32_t) highword) >> 31;
+ const s32 sign = ((s32) highword) >> 31;
/* Set to 0x3ffffff if v was negative; else set to 0. */
- const int32_t roundoff = ((uint32_t) sign) >> 6;
+ const s32 roundoff = ((u32) sign) >> 6;
/* Should return v / (1<<26) */
return (v + roundoff) >> 26;
}
@@ -632,11 +632,11 @@ static inline limb div_by_2_26(const limb v)
static inline limb div_by_2_25(const limb v)
{
/* High word of v; no shift needed*/
- const uint32_t highword = (uint32_t) (((uint64_t) v) >> 32);
+ const u32 highword = (u32) (((u64) v) >> 32);
/* Set to all 1s if v was negative; else set to 0s. */
- const int32_t sign = ((int32_t) highword) >> 31;
+ const s32 sign = ((s32) highword) >> 31;
/* Set to 0x1ffffff if v was negative; else set to 0. */
- const int32_t roundoff = ((uint32_t) sign) >> 7;
+ const s32 roundoff = ((u32) sign) >> 7;
/* Should return v / (1<<25) */
return (v + roundoff) >> 25;
}
@@ -713,61 +713,61 @@ static void fmul(limb *output, const limb *in, const limb *in2)
* output[x] <= 14 * the largest product of the input limbs. */
static void fsquare_inner(limb *output, const limb *in)
{
- output[0] = ((limb) ((int32_t) in[0])) * ((int32_t) in[0]);
- output[1] = 2 * ((limb) ((int32_t) in[0])) * ((int32_t) in[1]);
- output[2] = 2 * (((limb) ((int32_t) in[1])) * ((int32_t) in[1]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[2]));
- output[3] = 2 * (((limb) ((int32_t) in[1])) * ((int32_t) in[2]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[3]));
- output[4] = ((limb) ((int32_t) in[2])) * ((int32_t) in[2]) +
- 4 * ((limb) ((int32_t) in[1])) * ((int32_t) in[3]) +
- 2 * ((limb) ((int32_t) in[0])) * ((int32_t) in[4]);
- output[5] = 2 * (((limb) ((int32_t) in[2])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in[1])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[5]));
- output[6] = 2 * (((limb) ((int32_t) in[3])) * ((int32_t) in[3]) +
- ((limb) ((int32_t) in[2])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[6]) +
- 2 * ((limb) ((int32_t) in[1])) * ((int32_t) in[5]));
- output[7] = 2 * (((limb) ((int32_t) in[3])) * ((int32_t) in[4]) +
- ((limb) ((int32_t) in[2])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in[1])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[7]));
- output[8] = ((limb) ((int32_t) in[4])) * ((int32_t) in[4]) +
- 2 * (((limb) ((int32_t) in[2])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[8]) +
- 2 * (((limb) ((int32_t) in[1])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[3])) * ((int32_t) in[5])));
- output[9] = 2 * (((limb) ((int32_t) in[4])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in[3])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in[2])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[1])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in[0])) * ((int32_t) in[9]));
- output[10] = 2 * (((limb) ((int32_t) in[5])) * ((int32_t) in[5]) +
- ((limb) ((int32_t) in[4])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in[2])) * ((int32_t) in[8]) +
- 2 * (((limb) ((int32_t) in[3])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[1])) * ((int32_t) in[9])));
- output[11] = 2 * (((limb) ((int32_t) in[5])) * ((int32_t) in[6]) +
- ((limb) ((int32_t) in[4])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[3])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in[2])) * ((int32_t) in[9]));
- output[12] = ((limb) ((int32_t) in[6])) * ((int32_t) in[6]) +
- 2 * (((limb) ((int32_t) in[4])) * ((int32_t) in[8]) +
- 2 * (((limb) ((int32_t) in[5])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[3])) * ((int32_t) in[9])));
- output[13] = 2 * (((limb) ((int32_t) in[6])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[5])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in[4])) * ((int32_t) in[9]));
- output[14] = 2 * (((limb) ((int32_t) in[7])) * ((int32_t) in[7]) +
- ((limb) ((int32_t) in[6])) * ((int32_t) in[8]) +
- 2 * ((limb) ((int32_t) in[5])) * ((int32_t) in[9]));
- output[15] = 2 * (((limb) ((int32_t) in[7])) * ((int32_t) in[8]) +
- ((limb) ((int32_t) in[6])) * ((int32_t) in[9]));
- output[16] = ((limb) ((int32_t) in[8])) * ((int32_t) in[8]) +
- 4 * ((limb) ((int32_t) in[7])) * ((int32_t) in[9]);
- output[17] = 2 * ((limb) ((int32_t) in[8])) * ((int32_t) in[9]);
- output[18] = 2 * ((limb) ((int32_t) in[9])) * ((int32_t) in[9]);
+ output[0] = ((limb) ((s32) in[0])) * ((s32) in[0]);
+ output[1] = 2 * ((limb) ((s32) in[0])) * ((s32) in[1]);
+ output[2] = 2 * (((limb) ((s32) in[1])) * ((s32) in[1]) +
+ ((limb) ((s32) in[0])) * ((s32) in[2]));
+ output[3] = 2 * (((limb) ((s32) in[1])) * ((s32) in[2]) +
+ ((limb) ((s32) in[0])) * ((s32) in[3]));
+ output[4] = ((limb) ((s32) in[2])) * ((s32) in[2]) +
+ 4 * ((limb) ((s32) in[1])) * ((s32) in[3]) +
+ 2 * ((limb) ((s32) in[0])) * ((s32) in[4]);
+ output[5] = 2 * (((limb) ((s32) in[2])) * ((s32) in[3]) +
+ ((limb) ((s32) in[1])) * ((s32) in[4]) +
+ ((limb) ((s32) in[0])) * ((s32) in[5]));
+ output[6] = 2 * (((limb) ((s32) in[3])) * ((s32) in[3]) +
+ ((limb) ((s32) in[2])) * ((s32) in[4]) +
+ ((limb) ((s32) in[0])) * ((s32) in[6]) +
+ 2 * ((limb) ((s32) in[1])) * ((s32) in[5]));
+ output[7] = 2 * (((limb) ((s32) in[3])) * ((s32) in[4]) +
+ ((limb) ((s32) in[2])) * ((s32) in[5]) +
+ ((limb) ((s32) in[1])) * ((s32) in[6]) +
+ ((limb) ((s32) in[0])) * ((s32) in[7]));
+ output[8] = ((limb) ((s32) in[4])) * ((s32) in[4]) +
+ 2 * (((limb) ((s32) in[2])) * ((s32) in[6]) +
+ ((limb) ((s32) in[0])) * ((s32) in[8]) +
+ 2 * (((limb) ((s32) in[1])) * ((s32) in[7]) +
+ ((limb) ((s32) in[3])) * ((s32) in[5])));
+ output[9] = 2 * (((limb) ((s32) in[4])) * ((s32) in[5]) +
+ ((limb) ((s32) in[3])) * ((s32) in[6]) +
+ ((limb) ((s32) in[2])) * ((s32) in[7]) +
+ ((limb) ((s32) in[1])) * ((s32) in[8]) +
+ ((limb) ((s32) in[0])) * ((s32) in[9]));
+ output[10] = 2 * (((limb) ((s32) in[5])) * ((s32) in[5]) +
+ ((limb) ((s32) in[4])) * ((s32) in[6]) +
+ ((limb) ((s32) in[2])) * ((s32) in[8]) +
+ 2 * (((limb) ((s32) in[3])) * ((s32) in[7]) +
+ ((limb) ((s32) in[1])) * ((s32) in[9])));
+ output[11] = 2 * (((limb) ((s32) in[5])) * ((s32) in[6]) +
+ ((limb) ((s32) in[4])) * ((s32) in[7]) +
+ ((limb) ((s32) in[3])) * ((s32) in[8]) +
+ ((limb) ((s32) in[2])) * ((s32) in[9]));
+ output[12] = ((limb) ((s32) in[6])) * ((s32) in[6]) +
+ 2 * (((limb) ((s32) in[4])) * ((s32) in[8]) +
+ 2 * (((limb) ((s32) in[5])) * ((s32) in[7]) +
+ ((limb) ((s32) in[3])) * ((s32) in[9])));
+ output[13] = 2 * (((limb) ((s32) in[6])) * ((s32) in[7]) +
+ ((limb) ((s32) in[5])) * ((s32) in[8]) +
+ ((limb) ((s32) in[4])) * ((s32) in[9]));
+ output[14] = 2 * (((limb) ((s32) in[7])) * ((s32) in[7]) +
+ ((limb) ((s32) in[6])) * ((s32) in[8]) +
+ 2 * ((limb) ((s32) in[5])) * ((s32) in[9]));
+ output[15] = 2 * (((limb) ((s32) in[7])) * ((s32) in[8]) +
+ ((limb) ((s32) in[6])) * ((s32) in[9]));
+ output[16] = ((limb) ((s32) in[8])) * ((s32) in[8]) +
+ 4 * ((limb) ((s32) in[7])) * ((s32) in[9]);
+ output[17] = 2 * ((limb) ((s32) in[8])) * ((s32) in[9]);
+ output[18] = 2 * ((limb) ((s32) in[9])) * ((s32) in[9]);
}
/* fsquare sets output = in^2.
@@ -791,7 +791,7 @@ static void fsquare(limb *output, const limb *in)
}
/* Take a little-endian, 32-byte number and expand it into polynomial form */
-static inline void fexpand(limb *output, const uint8_t *input)
+static inline void fexpand(limb *output, const u8 *input)
{
#define F(n,start,shift,mask) \
output[n] = ((((limb) input[start + 0]) | \
@@ -815,8 +815,8 @@ static inline void fexpand(limb *output, const uint8_t *input)
#error "This code only works when >> does sign-extension on negative numbers"
#endif
-/* int32_t_eq returns 0xffffffff iff a == b and zero otherwise. */
-static int32_t int32_t_eq(int32_t a, int32_t b)
+/* s32_eq returns 0xffffffff iff a == b and zero otherwise. */
+static s32 s32_eq(s32 a, s32 b)
{
a = ~(a ^ b);
a &= a << 16;
@@ -827,9 +827,9 @@ static int32_t int32_t_eq(int32_t a, int32_t b)
return a >> 31;
}
-/* int32_t_gte returns 0xffffffff if a >= b and zero otherwise, where a and b are
+/* s32_gte returns 0xffffffff if a >= b and zero otherwise, where a and b are
* both non-negative. */
-static int32_t int32_t_gte(int32_t a, int32_t b)
+static s32 s32_gte(s32 a, s32 b)
{
a -= b;
/* a >= 0 iff a >= b. */
@@ -840,14 +840,14 @@ static int32_t int32_t_gte(int32_t a, int32_t b)
* little-endian, 32-byte array.
*
* On entry: |input_limbs[i]| < 2^26 */
-static void fcontract(uint8_t *output, limb *input_limbs)
+static void fcontract(u8 *output, limb *input_limbs)
{
int i;
int j;
- int32_t input[10];
- int32_t mask;
+ s32 input[10];
+ s32 mask;
- /* |input_limbs[i]| < 2^26, so it's valid to convert to an int32_t. */
+ /* |input_limbs[i]| < 2^26, so it's valid to convert to an s32. */
for (i = 0; i < 10; i++) {
input[i] = input_limbs[i];
}
@@ -857,13 +857,13 @@ static void fcontract(uint8_t *output, limb *input_limbs)
if ((i & 1) == 1) {
/* This calculation is a time-invariant way to make input[i]
* non-negative by borrowing from the next-larger limb. */
- const int32_t mask = input[i] >> 31;
- const int32_t carry = -((input[i] & mask) >> 25);
+ const s32 mask = input[i] >> 31;
+ const s32 carry = -((input[i] & mask) >> 25);
input[i] = input[i] + (carry << 25);
input[i+1] = input[i+1] - carry;
} else {
- const int32_t mask = input[i] >> 31;
- const int32_t carry = -((input[i] & mask) >> 26);
+ const s32 mask = input[i] >> 31;
+ const s32 carry = -((input[i] & mask) >> 26);
input[i] = input[i] + (carry << 26);
input[i+1] = input[i+1] - carry;
}
@@ -872,8 +872,8 @@ static void fcontract(uint8_t *output, limb *input_limbs)
/* There's no greater limb for input[9] to borrow from, but we can multiply
* by 19 and borrow from input[0], which is valid mod 2^255-19. */
{
- const int32_t mask = input[9] >> 31;
- const int32_t carry = -((input[9] & mask) >> 25);
+ const s32 mask = input[9] >> 31;
+ const s32 carry = -((input[9] & mask) >> 25);
input[9] = input[9] + (carry << 25);
input[0] = input[0] - (carry * 19);
}
@@ -894,8 +894,8 @@ static void fcontract(uint8_t *output, limb *input_limbs)
through input[9] were all zero. In that case, input[1] is now 2^25 - 1,
and this last borrow-propagation step will leave input[1] non-negative. */
{
- const int32_t mask = input[0] >> 31;
- const int32_t carry = -((input[0] & mask) >> 26);
+ const s32 mask = input[0] >> 31;
+ const s32 carry = -((input[0] & mask) >> 26);
input[0] = input[0] + (carry << 26);
input[1] = input[1] - carry;
}
@@ -905,18 +905,18 @@ static void fcontract(uint8_t *output, limb *input_limbs)
for (j = 0; j < 2; j++) {
for (i = 0; i < 9; i++) {
if ((i & 1) == 1) {
- const int32_t carry = input[i] >> 25;
+ const s32 carry = input[i] >> 25;
input[i] &= 0x1ffffff;
input[i+1] += carry;
} else {
- const int32_t carry = input[i] >> 26;
+ const s32 carry = input[i] >> 26;
input[i] &= 0x3ffffff;
input[i+1] += carry;
}
}
{
- const int32_t carry = input[9] >> 25;
+ const s32 carry = input[9] >> 25;
input[9] &= 0x1ffffff;
input[0] += 19*carry;
}
@@ -932,12 +932,12 @@ static void fcontract(uint8_t *output, limb *input_limbs)
/* It still remains the case that input might be between 2^255-19 and 2^255.
* In this case, input[1..9] must take their maximum value and input[0] must
* be >= (2^255-19) & 0x3ffffff, which is 0x3ffffed. */
- mask = int32_t_gte(input[0], 0x3ffffed);
+ mask = s32_gte(input[0], 0x3ffffed);
for (i = 1; i < 10; i++) {
if ((i & 1) == 1) {
- mask &= int32_t_eq(input[i], 0x1ffffff);
+ mask &= s32_eq(input[i], 0x1ffffff);
} else {
- mask &= int32_t_eq(input[i], 0x3ffffff);
+ mask &= s32_eq(input[i], 0x3ffffff);
}
}
@@ -993,12 +993,12 @@ static void fcontract(uint8_t *output, limb *input_limbs)
static void swap_conditional(limb a[19], limb b[19], limb iswap)
{
unsigned i;
- const int32_t swap = (int32_t) -iswap;
+ const s32 swap = (s32) -iswap;
for (i = 0; i < 10; ++i) {
- const int32_t x = swap & ( ((int32_t)a[i]) ^ ((int32_t)b[i]) );
- a[i] = ((int32_t)a[i]) ^ x;
- b[i] = ((int32_t)b[i]) ^ x;
+ const s32 x = swap & ( ((s32)a[i]) ^ ((s32)b[i]) );
+ a[i] = ((s32)a[i]) ^ x;
+ b[i] = ((s32)b[i]) ^ x;
}
}
@@ -1163,7 +1163,7 @@ static void fmonty(limb *x2, limb *z2, /* output 2Q */
* resultx/resultz: the x coordinate of the resulting curve point (short form)
* n: a little endian, 32-byte number
* q: a point of the curve (short form) */
-static void cmult(limb *resultx, limb *resultz, const uint8_t *n, const limb *q)
+static void cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q)
{
limb a[19] = {0}, b[19] = {1}, c[19] = {1}, d[19] = {0};
limb *nqpqx = a, *nqpqz = b, *nqx = c, *nqz = d, *t;
@@ -1175,7 +1175,7 @@ static void cmult(limb *resultx, limb *resultz, const uint8_t *n, const limb *q)
memcpy(nqpqx, q, sizeof(limb) * 10);
for (i = 0; i < 32; ++i) {
- uint8_t byte = n[31 - i];
+ u8 byte = n[31 - i];
for (j = 0; j < 8; ++j) {
const limb bit = byte >> 7;
@@ -1210,10 +1210,10 @@ static void cmult(limb *resultx, limb *resultz, const uint8_t *n, const limb *q)
memcpy(resultz, nqz, sizeof(limb) * 10);
}
-void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE], const uint8_t basepoint[CURVE25519_POINT_SIZE])
+void curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE])
{
limb bp[10], x[10], z[11], zmone[10];
- uint8_t e[32];
+ u8 e[32];
memcpy(e, secret, 32);
normalize_secret(e);
@@ -1235,7 +1235,7 @@ struct other_stack {
limb origx[10], origxprime[10], zzz[19], xx[19], zz[19], xxprime[19], zzprime[19], zzzprime[19], xxxprime[19];
limb a[19], b[19], c[19], d[19], e[19], f[19], g[19], h[19];
limb bp[10], x[10], z[11], zmone[10];
- uint8_t ee[32];
+ u8 ee[32];
};
/* Input: Q, Q', Q-Q'
@@ -1328,7 +1328,7 @@ static void fmonty(struct other_stack *s,
* resultx/resultz: the x coordinate of the resulting curve point (short form)
* n: a little endian, 32-byte number
* q: a point of the curve (short form) */
-static void cmult(struct other_stack *s, limb *resultx, limb *resultz, const uint8_t *n, const limb *q)
+static void cmult(struct other_stack *s, limb *resultx, limb *resultz, const u8 *n, const limb *q)
{
unsigned i, j;
limb *nqpqx = s->a, *nqpqz = s->b, *nqx = s->c, *nqz = s->d, *t;
@@ -1338,7 +1338,7 @@ static void cmult(struct other_stack *s, limb *resultx, limb *resultz, const uin
memcpy(nqpqx, q, sizeof(limb) * 10);
for (i = 0; i < 32; ++i) {
- uint8_t byte = n[31 - i];
+ u8 byte = n[31 - i];
for (j = 0; j < 8; ++j) {
const limb bit = byte >> 7;
@@ -1374,7 +1374,7 @@ static void cmult(struct other_stack *s, limb *resultx, limb *resultz, const uin
memcpy(resultz, nqz, sizeof(limb) * 10);
}
-void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE], const uint8_t basepoint[CURVE25519_POINT_SIZE])
+void curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE])
{
struct other_stack *s = kzalloc(sizeof(struct other_stack), GFP_KERNEL);
if (unlikely(!s)) {
@@ -1396,15 +1396,15 @@ void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CU
#endif
#endif
-void curve25519_generate_secret(uint8_t secret[CURVE25519_POINT_SIZE])
+void curve25519_generate_secret(u8 secret[CURVE25519_POINT_SIZE])
{
get_random_bytes(secret, CURVE25519_POINT_SIZE);
normalize_secret(secret);
}
-void curve25519_generate_public(uint8_t pub[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE])
+void curve25519_generate_public(u8 pub[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE])
{
- static const uint8_t basepoint[CURVE25519_POINT_SIZE] = { 9 };
+ static const u8 basepoint[CURVE25519_POINT_SIZE] = { 9 };
curve25519(pub, secret, basepoint);
}
diff --git a/src/crypto/curve25519.h b/src/crypto/curve25519.h
index 361b858..bd89e31 100644
--- a/src/crypto/curve25519.h
+++ b/src/crypto/curve25519.h
@@ -9,9 +9,9 @@ enum curve25519_lengths {
CURVE25519_POINT_SIZE = 32
};
-void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE], const uint8_t basepoint[CURVE25519_POINT_SIZE]);
-void curve25519_generate_secret(uint8_t secret[CURVE25519_POINT_SIZE]);
-void curve25519_generate_public(uint8_t pub[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE]);
+void curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE]);
+void curve25519_generate_secret(u8 secret[CURVE25519_POINT_SIZE]);
+void curve25519_generate_public(u8 pub[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE]);
#ifdef DEBUG
bool curve25519_selftest(void);
diff --git a/src/crypto/siphash24.c b/src/crypto/siphash24.c
index 1d3865a..d841894 100644
--- a/src/crypto/siphash24.c
+++ b/src/crypto/siphash24.c
@@ -4,7 +4,7 @@
#include <linux/kernel.h>
-#define ROTL(x,b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
+#define ROTL(x,b) (u64)(((x) << (b)) | ((x) >> (64 - (b))))
#define U8TO64(p) le64_to_cpu(*(__le64 *)(p))
#define SIPROUND \
@@ -16,24 +16,24 @@
} while(0)
__attribute__((optimize("unroll-loops")))
-uint64_t siphash24(const uint8_t *data, size_t len, const uint8_t key[SIPHASH24_KEY_LEN])
+u64 siphash24(const u8 *data, size_t len, const u8 key[SIPHASH24_KEY_LEN])
{
- uint64_t v0 = 0x736f6d6570736575ULL;
- uint64_t v1 = 0x646f72616e646f6dULL;
- uint64_t v2 = 0x6c7967656e657261ULL;
- uint64_t v3 = 0x7465646279746573ULL;
- uint64_t b;
- uint64_t k0 = U8TO64(key);
- uint64_t k1 = U8TO64(key + sizeof(uint64_t));
- uint64_t m;
- const uint8_t *end = data + len - (len % sizeof(uint64_t));
- const uint8_t left = len & (sizeof(uint64_t) - 1);
- b = ((uint64_t)len) << 56;
+ u64 v0 = 0x736f6d6570736575ULL;
+ u64 v1 = 0x646f72616e646f6dULL;
+ u64 v2 = 0x6c7967656e657261ULL;
+ u64 v3 = 0x7465646279746573ULL;
+ u64 b;
+ u64 k0 = U8TO64(key);
+ u64 k1 = U8TO64(key + sizeof(u64));
+ u64 m;
+ const u8 *end = data + len - (len % sizeof(u64));
+ const u8 left = len & (sizeof(u64) - 1);
+ b = ((u64)len) << 56;
v3 ^= k1;
v2 ^= k0;
v1 ^= k1;
v0 ^= k0;
- for (; data != end; data += sizeof(uint64_t)) {
+ for (; data != end; data += sizeof(u64)) {
m = U8TO64(data);
v3 ^= m;
SIPROUND;
@@ -41,13 +41,13 @@ uint64_t siphash24(const uint8_t *data, size_t len, const uint8_t key[SIPHASH24_
v0 ^= m;
}
switch (left) {
- case 7: b |= ((uint64_t)data[6]) << 48;
- case 6: b |= ((uint64_t)data[5]) << 40;
- case 5: b |= ((uint64_t)data[4]) << 32;
- case 4: b |= ((uint64_t)data[3]) << 24;
- case 3: b |= ((uint64_t)data[2]) << 16;
- case 2: b |= ((uint64_t)data[1]) << 8;
- case 1: b |= ((uint64_t)data[0]); break;
+ case 7: b |= ((u64)data[6]) << 48;
+ case 6: b |= ((u64)data[5]) << 40;
+ case 5: b |= ((u64)data[4]) << 32;
+ case 4: b |= ((u64)data[3]) << 24;
+ case 3: b |= ((u64)data[2]) << 16;
+ case 2: b |= ((u64)data[1]) << 8;
+ case 1: b |= ((u64)data[0]); break;
case 0: break;
}
v3 ^= b;
@@ -60,7 +60,7 @@ uint64_t siphash24(const uint8_t *data, size_t len, const uint8_t key[SIPHASH24_
SIPROUND;
SIPROUND;
b = (v0 ^ v1) ^ (v2 ^ v3);
- return (__force uint64_t)cpu_to_le64(b);
+ return (__force u64)cpu_to_le64(b);
}
#include "../selftest/siphash24.h"
diff --git a/src/crypto/siphash24.h b/src/crypto/siphash24.h
index 5d99cb3..2ac9649 100644
--- a/src/crypto/siphash24.h
+++ b/src/crypto/siphash24.h
@@ -9,7 +9,7 @@ enum siphash24_lengths {
SIPHASH24_KEY_LEN = 16
};
-uint64_t siphash24(const uint8_t *data, size_t len, const uint8_t key[SIPHASH24_KEY_LEN]);
+u64 siphash24(const u8 *data, size_t len, const u8 key[SIPHASH24_KEY_LEN]);
#ifdef DEBUG
bool siphash24_selftest(void);
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.