Botan 3.0.0
Crypto and TLS for C&
poly_dbl.cpp
Go to the documentation of this file.
1/*
2* (C) 2017,2018 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/internal/poly_dbl.h>
8#include <botan/internal/loadstor.h>
9#include <botan/exceptn.h>
10
11namespace Botan {
12
13namespace {
14
15/*
16* The minimum weight irreducible binary polynomial of size n
17*
18* See "Table of Low-Weight Binary Irreducible Polynomials"
19* by Gadiel Seroussi, HP Labs Tech Report HPL-98-135
20* http://www.hpl.hp.com/techreports/98/HPL-98-135.pdf
21*/
22enum class MinWeightPolynomial : uint64_t {
23 P64 = 0x1B,
24 P128 = 0x87,
25 P192 = 0x87,
26 P256 = 0x425,
27 P512 = 0x125,
28 P1024 = 0x80043,
29};
30
31template<size_t LIMBS, MinWeightPolynomial P>
32void poly_double(uint8_t out[], const uint8_t in[])
33 {
34 uint64_t W[LIMBS];
35 load_be(W, in, LIMBS);
36
37 const uint64_t POLY = static_cast<uint64_t>(P);
38
39 const uint64_t carry = POLY * (W[0] >> 63);
40
41 if constexpr(LIMBS > 0)
42 {
43 for(size_t i = 0; i != LIMBS - 1; ++i)
44 W[i] = (W[i] << 1) ^ (W[i+1] >> 63);
45 }
46
47 W[LIMBS-1] = (W[LIMBS-1] << 1) ^ carry;
48
49 copy_out_be(out, LIMBS*8, W);
50 }
51
52template<size_t LIMBS, MinWeightPolynomial P>
53void poly_double_le(uint8_t out[], const uint8_t in[])
54 {
55 uint64_t W[LIMBS];
56 load_le(W, in, LIMBS);
57
58 const uint64_t POLY = static_cast<uint64_t>(P);
59
60 const uint64_t carry = POLY * (W[LIMBS-1] >> 63);
61
62 if constexpr(LIMBS > 0)
63 {
64 for(size_t i = 0; i != LIMBS - 1; ++i)
65 W[LIMBS-1-i] = (W[LIMBS-1-i] << 1) ^ (W[LIMBS-2-i] >> 63);
66 }
67
68 W[0] = (W[0] << 1) ^ carry;
69
70 copy_out_le(out, LIMBS*8, W);
71 }
72
73}
74
75void poly_double_n(uint8_t out[], const uint8_t in[], size_t n)
76 {
77 switch(n)
78 {
79 case 8:
80 return poly_double<1, MinWeightPolynomial::P64>(out, in);
81 case 16:
82 return poly_double<2, MinWeightPolynomial::P128>(out, in);
83 case 24:
84 return poly_double<3, MinWeightPolynomial::P192>(out, in);
85 case 32:
86 return poly_double<4, MinWeightPolynomial::P256>(out, in);
87 case 64:
88 return poly_double<8, MinWeightPolynomial::P512>(out, in);
89 case 128:
90 return poly_double<16, MinWeightPolynomial::P1024>(out, in);
91 default:
92 throw Invalid_Argument("Unsupported size for poly_double_n");
93 }
94 }
95
96void poly_double_n_le(uint8_t out[], const uint8_t in[], size_t n)
97 {
98 switch(n)
99 {
100 case 8:
101 return poly_double_le<1, MinWeightPolynomial::P64>(out, in);
102 case 16:
103 return poly_double_le<2, MinWeightPolynomial::P128>(out, in);
104 case 24:
105 return poly_double_le<3, MinWeightPolynomial::P192>(out, in);
106 case 32:
107 return poly_double_le<4, MinWeightPolynomial::P256>(out, in);
108 case 64:
109 return poly_double_le<8, MinWeightPolynomial::P512>(out, in);
110 case 128:
111 return poly_double_le<16, MinWeightPolynomial::P1024>(out, in);
112 default:
113 throw Invalid_Argument("Unsupported size for poly_double_n_le");
114 }
115 }
116
117}
Botan::Invalid_Argument
Definition: exceptn.h:133
Botan
Definition: alg_id.cpp:12
Botan::copy_out_le
void copy_out_le(uint8_t out[], size_t out_bytes, const T in[])
Definition: loadstor.h:690
Botan::carry
void carry(int64_t &h0, int64_t &h1)
Definition: ed25519_internal.h:32
Botan::poly_double_n_le
void poly_double_n_le(uint8_t out[], const uint8_t in[], size_t n)
Definition: poly_dbl.cpp:96
Botan::load_le
constexpr T load_le(const uint8_t in[], size_t off)
Definition: loadstor.h:134
Botan::poly_double_n
void poly_double_n(uint8_t out[], const uint8_t in[], size_t n)
Definition: poly_dbl.cpp:75
Botan::copy_out_be
void copy_out_be(uint8_t out[], size_t out_bytes, const T in[])
Definition: loadstor.h:669
Botan::load_be
constexpr T load_be(const uint8_t in[], size_t off)
Definition: loadstor.h:118
Generated by doxygen 1.9.6