projects
/
BearSSL
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added support for getrandom()/getentropy(), and a fix for the RDRAND bug on AMD CPU...
[BearSSL]
/
src
/
hash
/
ghash_ctmul32.c
diff --git
a/src/hash/ghash_ctmul32.c
b/src/hash/ghash_ctmul32.c
index
d3380d4
..
c66af46
100644
(file)
--- a/
src/hash/ghash_ctmul32.c
+++ b/
src/hash/ghash_ctmul32.c
@@
-95,6
+95,13
@@
rev32(uint32_t x)
void
br_ghash_ctmul32(void *y, const void *h, const void *data, size_t len)
{
void
br_ghash_ctmul32(void *y, const void *h, const void *data, size_t len)
{
+ /*
+ * This implementation is similar to br_ghash_ctmul() except
+ * that we have to do the multiplication twice, with the
+ * "normal" and "bit reversed" operands. Hence we end up with
+ * eighteen 32-bit multiplications instead of nine.
+ */
+
const unsigned char *buf, *hb;
unsigned char *yb;
uint32_t yw[4];
const unsigned char *buf, *hb;
unsigned char *yb;
uint32_t yw[4];
projects / BearSSL / blobdiff