Try to load twice the number of blocks when absorbing large ADs
jedisct1 committed May 11, 2024
1 parent 7ed815a commit 2579b1a
Showing 3 changed files with 39 additions and 3 deletions.
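--- a/src/aegis128l/aegis128l_common.h
+++ b/src/aegis128l/aegis128l_common.h
@@ -548,7 +548,19 @@ state_mac_update(aegis128l_state *st_, const uint8_t *ad, size_t adlen)
 ad += RATE - left;
 adlen -= RATE - left;
 }
-for (i = 0; i + RATE <= adlen; i += RATE) {
+for (i = 0; i + RATE * 2 <= adlen; i += RATE * 2) {
+aes_block_t msg0, msg1, msg2, msg3;
+
+msg0 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 0);
+msg1 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 1);
+msg2 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 2);
+msg3 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 3);
+COMPILER_ASSERT(AES_BLOCK_LENGTH * 4 == RATE * 2);
+
+aegis128l_update(st->state, msg0, msg1);
+aegis128l_update(st->state, msg2, msg3);
+}
+for (; i + RATE <= adlen; i += RATE) {
 aegis128l_absorb(ad + i, st->state);
 }
 if (i < adlen) {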
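Review bot: The new two-rate loop calls `aegis128l_update` directly instead of going through `aegis128l_absorb`, and none of the three changed files is a test, so nothing in this commit checks that the unrolled path yields the same tag as the old one-block loop. Because this is the MAC update path, a divergence would presumably surface only as tags that no longer verify against other implementations. Known-answer tests with input lengths of `RATE * 2 - 1`, `RATE * 2`, `RATE * 2 + 1` and `RATE * 3`, fed both in a single call and split across several `state_mac_update` calls, would cover the new boundaries. The same applies to the identical hunks in aegis128x2_common.h and aegis128x4_common.h. The body of `state_mac_update` starts and ends outside the hunk, so the handling of `left` and of the final partial block is assumed unchanged.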
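--- a/src/aegis128x2/aegis128x2_common.h
+++ b/src/aegis128x2/aegis128x2_common.h
@@ -582,7 +582,19 @@ state_mac_update(aegis128x2_state *st_, const uint8_t *ad, size_t adlen)
 ad += RATE - left;
 adlen -= RATE - left;
 }
-for (i = 0; i + RATE <= adlen; i += RATE) {
+for (i = 0; i + RATE * 2 <= adlen; i += RATE * 2) {
+aes_block_t msg0, msg1, msg2, msg3;
+
+msg0 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 0);
+msg1 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 1);
+msg2 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 2);
+msg3 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 3);
+COMPILER_ASSERT(AES_BLOCK_LENGTH * 4 == RATE * 2);
+
+aegis128x2_update(st->state, msg0, msg1);
+aegis128x2_update(st->state, msg2, msg3);
+}
+for (; i + RATE <= adlen; i += RATE) {
 aegis128x2_absorb(ad + i, st->state);
 }
 if (i < adlen) {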
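Review bot: `COMPILER_ASSERT(AES_BLOCK_LENGTH * 4 == RATE * 2);` sits between the four loads and the two `aegis128x2_update` calls, where it reads like part of the data flow rather than the bounds argument it actually is. That assert is what guarantees the four loads cover exactly the `RATE * 2` bytes the loop condition checked, so it would be easier to audit directly above the `for`, next to a comment such as `/* absorb two rate-sized blocks per iteration: issue all four loads before the two state updates */`. The same placement appears in the aegis128l_common.h and aegis128x4_common.h hunks. The enclosing function continues outside the hunk.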
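--- a/src/aegis128x4/aegis128x4_common.h
+++ b/src/aegis128x4/aegis128x4_common.h
@@ -597,7 +597,19 @@ state_mac_update(aegis128x4_state *st_, const uint8_t *ad, size_t adlen)
 ad += RATE - left;
 adlen -= RATE - left;
 }
-for (i = 0; i + RATE <= adlen; i += RATE) {
+for (i = 0; i + RATE * 2 <= adlen; i += RATE * 2) {
+aes_block_t msg0, msg1, msg2, msg3;
+
+msg0 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 0);
+msg1 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 1);
+msg2 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 2);
+msg3 = AES_BLOCK_LOAD(ad + i + AES_BLOCK_LENGTH * 3);
+COMPILER_ASSERT(AES_BLOCK_LENGTH * 4 == RATE * 2);
+
+aegis128x4_update(st->state, msg0, msg1);
+aegis128x4_update(st->state, msg2, msg3);
+}
+for (; i + RATE <= adlen; i += RATE) {
 aegis128x4_absorb(ad + i, st->state);
 }
 if (i < adlen) {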
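Review bot: The loop conditions `i + RATE * 2 <= adlen` and `i + RATE <= adlen` add before comparing, so they rely on `adlen` being far enough below `SIZE_MAX` that the sum cannot wrap (assuming `i` is a `size_t` like `adlen`; its declaration is outside the hunk). The one-block loop was already written this way, and the new loop widens the margin needed to `RATE * 2`. Since `i <= adlen` holds on every iteration, `adlen - i >= RATE * 2` and `adlen - i >= RATE` state the same bounds with no wrap case to reason about. This is a hardening nit rather than something reachable with a real buffer, and it applies equally to the aegis128l and aegis128x2 hunks.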
