vendor/libsodium/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c in rbnacl-libsodium-1.0.13 vs vendor/libsodium/src/libsodium/crypto_onetimeauth/poly1305/sse2/poly1305_sse2.c in rbnacl-libsodium-1.0.15
- old
+ new
@@ -38,18 +38,18 @@
enum poly1305_state_flags_t {
poly1305_started = 1,
poly1305_final_shift8 = 4,
poly1305_final_shift16 = 8,
poly1305_final_r2_r = 16, /* use [r^2,r] for the final block */
- poly1305_final_r_1 = 32, /* use [r,1] for the final block */
+ poly1305_final_r_1 = 32 /* use [r,1] for the final block */
};
typedef struct poly1305_state_internal_t {
union {
uint64_t h[3];
uint32_t hh[10];
- }; /* 40 bytes */
+ } H; /* 40 bytes */
uint32_t R[5]; /* 20 bytes */
uint32_t R2[5]; /* 20 bytes */
uint32_t R4[5]; /* 20 bytes */
uint64_t pad[2]; /* 16 bytes */
uint64_t flags; /* 8 bytes */
@@ -118,13 +118,13 @@
if (!bytes) {
bytes = ~(unsigned long long) 0;
}
/* H = 0 */
- _mm_storeu_si128((xmmi *) (void *) &st->hh[0], _mm_setzero_si128());
- _mm_storeu_si128((xmmi *) (void *) &st->hh[4], _mm_setzero_si128());
- _mm_storeu_si128((xmmi *) (void *) &st->hh[8], _mm_setzero_si128());
+ _mm_storeu_si128((xmmi *) (void *) &st->H.hh[0], _mm_setzero_si128());
+ _mm_storeu_si128((xmmi *) (void *) &st->H.hh[4], _mm_setzero_si128());
+ _mm_storeu_si128((xmmi *) (void *) &st->H.hh[8], _mm_setzero_si128());
/* clamp key */
memcpy(&t0, key, 8);
memcpy(&t1, key + 8, 8);
r0 = t0 & 0xffc0fffffff;
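Review bot: The third zeroing store at `&st->H.hh[8]` writes 16 bytes, but `hh` is `uint32_t[10]` (the union is 40 bytes per the first hunk), so its upper two lanes land in the following `R[0]` and `R[1]` rather than in H; the enclosing function starts before and continues after this hunk, so the assumption that R is only assigned after this point (the key clamp that follows suggests so) cannot be confirmed from here. The overrun is benign only as long as that statement ordering holds, and the matching 128-bit load of `H.hh[8]` in a later hunk likewise reads those two words of R before the shuffle discards them. The finalize path already uses the 8-byte form for this slot, so the store should mirror it: `_mm_storel_epi64((xmmi *) (void *) &st->H.hh[8], _mm_setzero_si128());`. Naming the union `H` does not change this; a comment on the store, or a static size assertion on the union, would at least make the 40-byte layout the comment claims an enforced invariant rather than a remark.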
@@ -240,13 +240,13 @@
H4 = _mm_or_si128(H4, HIBIT);
m += 32;
bytes -= 32;
st->flags |= poly1305_started;
} else {
- T0 = _mm_loadu_si128((const xmmi *) (const void *) &st->hh[0]);
- T1 = _mm_loadu_si128((const xmmi *) (const void *) &st->hh[4]);
- T2 = _mm_loadu_si128((const xmmi *) (const void *) &st->hh[8]);
+ T0 = _mm_loadu_si128((const xmmi *) (const void *) &st->H.hh[0]);
+ T1 = _mm_loadu_si128((const xmmi *) (const void *) &st->H.hh[4]);
+ T2 = _mm_loadu_si128((const xmmi *) (const void *) &st->H.hh[8]);
H0 = _mm_shuffle_epi32(T0, _MM_SHUFFLE(1, 1, 0, 0));
H1 = _mm_shuffle_epi32(T0, _MM_SHUFFLE(3, 3, 2, 2));
H2 = _mm_shuffle_epi32(T1, _MM_SHUFFLE(1, 1, 0, 0));
H3 = _mm_shuffle_epi32(T1, _MM_SHUFFLE(3, 3, 2, 2));
H4 = _mm_shuffle_epi32(T2, _MM_SHUFFLE(1, 1, 0, 0));
@@ -682,13 +682,13 @@
T2 = _mm_shuffle_epi32(H2, _MM_SHUFFLE(0, 0, 2, 0));
T3 = _mm_shuffle_epi32(H3, _MM_SHUFFLE(0, 0, 2, 0));
T4 = _mm_shuffle_epi32(H4, _MM_SHUFFLE(0, 0, 2, 0));
T0 = _mm_unpacklo_epi64(T0, T1);
T1 = _mm_unpacklo_epi64(T2, T3);
- _mm_storeu_si128((xmmi *) (void *) &st->hh[0], T0);
- _mm_storeu_si128((xmmi *) (void *) &st->hh[4], T1);
- _mm_storel_epi64((xmmi *) (void *) &st->hh[8], T4);
+ _mm_storeu_si128((xmmi *) (void *) &st->H.hh[0], T0);
+ _mm_storeu_si128((xmmi *) (void *) &st->H.hh[4], T1);
+ _mm_storel_epi64((xmmi *) (void *) &st->H.hh[8], T4);
} else {
uint32_t t0, t1, t2, t3, t4, b;
uint64_t h0, h1, h2, g0, g1, g2, c, nc;
/* H = H[0]+H[1] */
@@ -753,13 +753,13 @@
nc = ~c;
h0 = (h0 & nc) | (g0 & c);
h1 = (h1 & nc) | (g1 & c);
h2 = (h2 & nc) | (g2 & c);
- st->h[0] = h0;
- st->h[1] = h1;
- st->h[2] = h2;
+ st->H.h[0] = h0;
+ st->H.h[1] = h1;
+ st->H.h[2] = h2;
}
}
static void
poly1305_update(poly1305_state_internal_t *st, const unsigned char *m,
@@ -831,12 +831,12 @@
st->flags |= poly1305_final_r_1;
}
poly1305_blocks(st, NULL, 32);
}
- h0 = st->h[0];
- h1 = st->h[1];
- h2 = st->h[2];
+ h0 = st->H.h[0];
+ h1 = st->H.h[1];
+ h2 = st->H.h[2];
/* pad */
h0 = ((h0) | (h1 << 44));
h1 = ((h1 >> 20) | (h2 << 24));
#ifdef HAVE_AMD64_ASM