Welcome to little lamb

Code » limb » release » tree

[release] / src / liblimb / poly1305.h / poly1305_init.c 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
/* This file is part of limb                           https://lila.oss/limb
 * Copyright (C) 2023 Olivier Brunel                          jjk@jjacky.com */
/* Based on poly1305-donna
 * Copyright (C) 2016 Andrew Moon */
/* SPDX-License-Identifier: GPL-2.0-only */
#include <string.h>
#include <limb/poly1305.h>
#include "poly1305.h"

void
poly1305_init(const void *key_, void *ctx_)
{
    struct poly1305_ctx *ctx = ctx_;
    const u8 *key = key_;

    /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */
    ctx->r[0] = (U32(key +  0)     ) & 0x03ffffff;
    ctx->r[1] = (U32(key +  3) >> 2) & 0x03ffff03;
    ctx->r[2] = (U32(key +  6) >> 4) & 0x03ffc0ff;
    ctx->r[3] = (U32(key +  9) >> 6) & 0x03f03fff;
    ctx->r[4] = (U32(key + 12) >> 8) & 0x000fffff;

    /* s */
    memcpy(ctx->s, key + 16, 16);
    u32pa_le(ctx->s, 4);

    /* a = 0 */
    ctx->a[0] = ctx->a[1] = ctx->a[2] = ctx->a[3] = ctx->a[4] = 0;

    ctx->leftover = 0;
    ctx->final = 0;
}