diff options
Diffstat (limited to 'vendor/golang.org/x/crypto/poly1305/sum_amd64.go')
| -rw-r--r-- | vendor/golang.org/x/crypto/poly1305/sum_amd64.go | 56 |
1 files changed, 23 insertions, 33 deletions
diff --git a/vendor/golang.org/x/crypto/poly1305/sum_amd64.go b/vendor/golang.org/x/crypto/poly1305/sum_amd64.go index 2dbf42aa5..df56a652f 100644 --- a/vendor/golang.org/x/crypto/poly1305/sum_amd64.go +++ b/vendor/golang.org/x/crypto/poly1305/sum_amd64.go @@ -7,62 +7,52 @@ package poly1305 //go:noescape -func initialize(state *[7]uint64, key *[32]byte) +func update(state *macState, msg []byte) -//go:noescape -func update(state *[7]uint64, msg []byte) - -//go:noescape -func finalize(tag *[TagSize]byte, state *[7]uint64) - -// Sum generates an authenticator for m using a one-time key and puts the -// 16-byte result into out. Authenticating two different messages with the same -// key allows an attacker to forge messages at will. -func Sum(out *[16]byte, m []byte, key *[32]byte) { +func sum(out *[16]byte, m []byte, key *[32]byte) { h := newMAC(key) h.Write(m) h.Sum(out) } func newMAC(key *[32]byte) (h mac) { - initialize(&h.state, key) + initialize(key, &h.r, &h.s) return } -type mac struct { - state [7]uint64 // := uint64{ h0, h1, h2, r0, r1, pad0, pad1 } - - buffer [TagSize]byte - offset int -} +// mac is a wrapper for macGeneric that redirects calls that would have gone to +// updateGeneric to update. +// +// Its Write and Sum methods are otherwise identical to the macGeneric ones, but +// using function pointers would carry a major performance cost. +type mac struct{ macGeneric } -func (h *mac) Write(p []byte) (n int, err error) { - n = len(p) +func (h *mac) Write(p []byte) (int, error) { + nn := len(p) if h.offset > 0 { - remaining := TagSize - h.offset - if n < remaining { - h.offset += copy(h.buffer[h.offset:], p) - return n, nil + n := copy(h.buffer[h.offset:], p) + if h.offset+n < TagSize { + h.offset += n + return nn, nil } - copy(h.buffer[h.offset:], p[:remaining]) - p = p[remaining:] + p = p[n:] h.offset = 0 - update(&h.state, h.buffer[:]) + update(&h.macState, h.buffer[:]) } - if nn := len(p) - (len(p) % TagSize); nn > 0 { - update(&h.state, p[:nn]) - p = p[nn:] + if n := len(p) - (len(p) % TagSize); n > 0 { + update(&h.macState, p[:n]) + p = p[n:] } if len(p) > 0 { h.offset += copy(h.buffer[h.offset:], p) } - return n, nil + return nn, nil } func (h *mac) Sum(out *[16]byte) { - state := h.state + state := h.macState if h.offset > 0 { update(&state, h.buffer[:h.offset]) } - finalize(out, &state) + finalize(out, &state.h, &state.s) } |