aboutsummaryrefslogtreecommitdiff
path: root/src/lib.rs
diff options
context:
space:
mode:
authorDaniel Schadt <kingdread@gmx.de>2025-04-15 22:29:06 +0200
committerDaniel Schadt <kingdread@gmx.de>2025-04-15 22:30:40 +0200
commit5e05745e93a126673f2ba96d1746637fe0a3f52d (patch)
tree56c78314ca63ca875bfbd5326116a4ff382de7a8 /src/lib.rs
parent9b6cdde3509aa269b77698283f8080c587d4d1dc (diff)
downloadzears-5e05745e93a126673f2ba96d1746637fe0a3f52d.tar.gz
zears-5e05745e93a126673f2ba96d1746637fe0a3f52d.tar.bz2
zears-5e05745e93a126673f2ba96d1746637fe0a3f52d.zip
slightly speed up aez_prf
It doesn't matter much because we barely expect tau > 16, but if somebody decides to use aez as a way to generate a lot of pseudorandom bytes, then oh well. With this change, we make better use of SIMD block xor'ing if available.
Diffstat (limited to 'src/lib.rs')
-rw-r--r--src/lib.rs13
1 files changed, 9 insertions, 4 deletions
diff --git a/src/lib.rs b/src/lib.rs
index 8985c2e..49a83d6 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -626,13 +626,18 @@ fn aez_hash(aez: &Aez, tweaks: Tweak) -> Block {
fn aez_prf(aez: &Aez, tweaks: Tweak, buffer: &mut [u8]) {
let mut index = 0u128;
let delta = aez_hash(aez, tweaks);
- for chunk in buffer.chunks_mut(16) {
+ for chunk in buffer.chunks_exact_mut(16) {
+ let chunk: &mut [u8; 16] = chunk.try_into().unwrap();
let block = e(-1, 3, aez, delta ^ Block::from_int(index));
- for (a, b) in chunk.iter_mut().zip(block.bytes().iter()) {
- *a ^= b;
- }
+ (block ^ Block::from(*chunk)).write_to(chunk);
index += 1;
}
+ let suffix_start = buffer.len() - buffer.len() % 16;
+ let chunk = &mut buffer[suffix_start..];
+ let block = e(-1, 3, aez, delta ^ Block::from_int(index));
+ for (a, b) in chunk.iter_mut().zip(block.bytes().iter()) {
+ *a ^= *b;
+ }
}
/// Represents a computation of E_K^{j,i}.
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-14 09:48:03 +0000