diff options
| -rw-r--r-- | src/block.rs | 16 | ||||
| -rw-r--r-- | src/lib.rs | 8 |
2 files changed, 20 insertions, 4 deletions
diff --git a/src/block.rs b/src/block.rs index 96c3496..8327286 100644 --- a/src/block.rs +++ b/src/block.rs @@ -12,6 +12,18 @@ pub struct Block(u8x16); #[cfg(not(feature = "simd"))] pub struct Block([u8; 16]); +macro_rules! add_ladder { + ($ar:expr, $lit:literal) => { + $ar[$lit] = $ar[$lit].wrapping_add(1); + }; + ($ar:expr, $lit:literal $($rest:literal) +) => { + $ar[$lit] = $ar[$lit].wrapping_add(1); + if $ar[$lit] == 0 { + add_ladder!($ar, $($rest) +); + } + }; +} + impl Block { pub fn null() -> Block { Block([0; 16].into()) @@ -95,6 +107,10 @@ impl Block { _ => (*self * 2).exp(exponent - 1), } } + + pub fn count_up(&mut self) { + add_ladder!(self, 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0); + } } impl From<[u8; 16]> for Block { @@ -705,17 +705,17 @@ fn aez_hash(aez: &Aez, tweaks: Tweak) -> Block { /// XOR's the result of aez_prf into the given buffer fn aez_prf(aez: &Aez, tweaks: Tweak, buffer: &mut [u8]) { - let mut index = 0u128; + let mut index = Block::null(); let delta = aez_hash(aez, tweaks); for chunk in buffer.chunks_exact_mut(16) { let chunk: &mut [u8; 16] = chunk.try_into().unwrap(); - let block = e(-1, 3, aez, delta ^ Block::from_int(index)); + let block = e(-1, 3, aez, delta ^ index); (block ^ Block::from(*chunk)).write_to(chunk); - index += 1; + index.count_up(); } let suffix_start = buffer.len() - buffer.len() % 16; let chunk = &mut buffer[suffix_start..]; - let block = e(-1, 3, aez, delta ^ Block::from_int(index)); + let block = e(-1, 3, aez, delta ^ index); for (a, b) in chunk.iter_mut().zip(block.bytes().iter()) { *a ^= *b; } |