Botan 2.19.2
Crypto and TLS for C&
poly_dbl.cpp
Go to the documentation of this file.
1/*
2* (C) 2017,2018 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/internal/poly_dbl.h>
8#include <botan/loadstor.h>
9#include <botan/exceptn.h>
10
11namespace Botan {
12
13namespace {
14
15/*
16* The minimum weight irreducible binary polynomial of size n
17*
18* See http://www.hpl.hp.com/techreports/98/HPL-98-135.pdf
19*/
20enum class MinWeightPolynomial : uint64_t {
21 P64 = 0x1B,
22 P128 = 0x87,
23 P192 = 0x87,
24 P256 = 0x425,
25 P512 = 0x125,
26 P1024 = 0x80043,
27};
28
29template<size_t LIMBS, MinWeightPolynomial P>
30void poly_double(uint8_t out[], const uint8_t in[])
31 {
32 uint64_t W[LIMBS];
33 load_be(W, in, LIMBS);
34
35 const uint64_t POLY = static_cast<uint64_t>(P);
36
37 const uint64_t carry = POLY * (W[0] >> 63);
38
39 BOTAN_IF_CONSTEXPR(LIMBS > 0)
40 {
41 for(size_t i = 0; i != LIMBS - 1; ++i)
42 W[i] = (W[i] << 1) ^ (W[i+1] >> 63);
43 }
44
45 W[LIMBS-1] = (W[LIMBS-1] << 1) ^ carry;
46
47 copy_out_be(out, LIMBS*8, W);
48 }
49
50template<size_t LIMBS, MinWeightPolynomial P>
51void poly_double_le(uint8_t out[], const uint8_t in[])
52 {
53 uint64_t W[LIMBS];
54 load_le(W, in, LIMBS);
55
56 const uint64_t POLY = static_cast<uint64_t>(P);
57
58 const uint64_t carry = POLY * (W[LIMBS-1] >> 63);
59
60 BOTAN_IF_CONSTEXPR(LIMBS > 0)
61 {
62 for(size_t i = 0; i != LIMBS - 1; ++i)
63 W[LIMBS-1-i] = (W[LIMBS-1-i] << 1) ^ (W[LIMBS-2-i] >> 63);
64 }
65
66 W[0] = (W[0] << 1) ^ carry;
67
68 copy_out_le(out, LIMBS*8, W);
69 }
70
71}
72
73void poly_double_n(uint8_t out[], const uint8_t in[], size_t n)
74 {
75 switch(n)
76 {
77 case 8:
78 return poly_double<1, MinWeightPolynomial::P64>(out, in);
79 case 16:
80 return poly_double<2, MinWeightPolynomial::P128>(out, in);
81 case 24:
82 return poly_double<3, MinWeightPolynomial::P192>(out, in);
83 case 32:
84 return poly_double<4, MinWeightPolynomial::P256>(out, in);
85 case 64:
86 return poly_double<8, MinWeightPolynomial::P512>(out, in);
87 case 128:
88 return poly_double<16, MinWeightPolynomial::P1024>(out, in);
89 default:
90 throw Invalid_Argument("Unsupported size for poly_double_n");
91 }
92 }
93
94void poly_double_n_le(uint8_t out[], const uint8_t in[], size_t n)
95 {
96 switch(n)
97 {
98 case 8:
99 return poly_double_le<1, MinWeightPolynomial::P64>(out, in);
100 case 16:
101 return poly_double_le<2, MinWeightPolynomial::P128>(out, in);
102 case 24:
103 return poly_double_le<3, MinWeightPolynomial::P192>(out, in);
104 case 32:
105 return poly_double_le<4, MinWeightPolynomial::P256>(out, in);
106 case 64:
107 return poly_double_le<8, MinWeightPolynomial::P512>(out, in);
108 case 128:
109 return poly_double_le<16, MinWeightPolynomial::P1024>(out, in);
110 default:
111 throw Invalid_Argument("Unsupported size for poly_double_n_le");
112 }
113 }
114
115}
Botan::Invalid_Argument
Definition: exceptn.h:137
BOTAN_IF_CONSTEXPR
#define BOTAN_IF_CONSTEXPR
Definition: compiler.h:176
Botan
Definition: alg_id.cpp:13
Botan::copy_out_le
void copy_out_le(uint8_t out[], size_t out_bytes, const T in[])
Definition: loadstor.h:679
Botan::load_be
T load_be(const uint8_t in[], size_t off)
Definition: loadstor.h:107
Botan::carry
void carry(int64_t &h0, int64_t &h1)
Definition: ed25519_internal.h:32
Botan::poly_double_n_le
void poly_double_n_le(uint8_t out[], const uint8_t in[], size_t n)
Definition: poly_dbl.cpp:94
Botan::load_le
T load_le(const uint8_t in[], size_t off)
Definition: loadstor.h:123
Botan::poly_double_n
void poly_double_n(uint8_t out[], const uint8_t in[], size_t n)
Definition: poly_dbl.cpp:73
Botan::copy_out_be
void copy_out_be(uint8_t out[], size_t out_bytes, const T in[])
Definition: loadstor.h:658
Generated by doxygen 1.9.3