Nikos Mavrogiannopoulos <nmav@redhat.com> writes:

> The attached patch brings support for AES-128-CMAC. The code is based on the samba code.
Nice. I think I'll have to read up a bit to understand what it's doing.
> The rshift and lshift functions come from the AES implementation bundled with samba.
These do just a single bit right or left shift of a 16-byte block? To me it seems odd to do that with a table lookup for each byte.
May be natural as functions operating on nettle_block16, and if platform endianness is right, could do the shifts in units of unsigned long or uint64_t. Shift and mask on 64-bit values may be preferable also if the endianness is wrong.
Regards, /Niels
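To make the alternative Niels sketches concrete, here is an added example (not the patch under discussion and not nettle or samba code; all function names are mine) of the 1-bit left shift of a 16-byte block written two ways: a plain byte loop with carry, and a version that loads the block as two big-endian uint64_t words and does a shift-and-mask, so it is correct on either host endianness. The same shift is what CMAC subkey derivation needs, so the block also runs the RFC 4493 Generate_Subkey step against the published AES-128 test vector (L, K1, K2 values taken from RFC 4493 section 4).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte-wise 1-bit left shift of a 16-byte block. Byte 0 is the most
   significant byte (the big-endian block view used by the CMAC spec).
   The top bit of byte i+1 becomes the bottom bit of byte i. No table. */
static void
block16_lshift_bytes(uint8_t out[16], const uint8_t in[16])
{
  for (int i = 0; i < 16; i++)
    {
      uint8_t carry = (i < 15) ? (uint8_t)(in[i + 1] >> 7) : 0;
      out[i] = (uint8_t)((in[i] << 1) | carry);
    }
}

/* Explicit big-endian load/store so the 64-bit version does not depend
   on host byte order. On a big-endian host a compiler can turn these into
   plain 8-byte loads, which is the "endianness is right" case. */
static uint64_t
read_be64(const uint8_t *p)
{
  uint64_t v = 0;
  for (int i = 0; i < 8; i++)
    v = (v << 8) | p[i];
  return v;
}

static void
write_be64(uint8_t *p, uint64_t v)
{
  for (int i = 7; i >= 0; i--)
    {
      p[i] = (uint8_t)(v & 0xff);
      v >>= 8;
    }
}

/* 64-bit version: two word shifts plus one carry bit moved across. */
static void
block16_lshift_u64(uint8_t out[16], const uint8_t in[16])
{
  uint64_t hi = read_be64(in);
  uint64_t lo = read_be64(in + 8);
  write_be64(out, (hi << 1) | (lo >> 63));
  write_be64(out + 8, lo << 1);
}

/* One step of RFC 4493 Generate_Subkey: K = L << 1, and if the MSB of L
   was set, XOR the constant Rb = 0x87 into the last byte. */
static void
cmac_subkey_step(uint8_t out[16], const uint8_t in[16])
{
  int msb = in[0] >> 7;
  block16_lshift_u64(out, in);
  if (msb)
    out[15] ^= 0x87;
}

/* Cross-check the two shift implementations on constructed blocks that
   exercise carries across every byte and across the 64-bit word boundary. */
static int
shifts_agree_on_samples(void)
{
  static const uint8_t samples[3][16] = {
    { 0x80, 0x01, 0xff, 0x7f, 0, 0, 0, 0, 0x80, 0, 0, 0, 0, 0, 0, 0x01 },
    { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
    { 0 }
  };
  for (int s = 0; s < 3; s++)
    {
      uint8_t a[16], b[16];
      block16_lshift_bytes(a, samples[s]);
      block16_lshift_u64(b, samples[s]);
      if (memcmp(a, b, 16) != 0)
        return 0;
    }
  return 1;
}

/* L = AES-128_K(0^128), K1 and K2 as listed in RFC 4493 section 4. */
static int
cmac_subkeys_match_rfc4493(void)
{
  static const uint8_t L[16] = { 0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3,
                                 0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f };
  static const uint8_t K1[16] = { 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
                                  0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde };
  static const uint8_t K2[16] = { 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
                                  0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b };
  uint8_t k1[16], k2[16];
  cmac_subkey_step(k1, L);   /* MSB of L is 0: plain shift */
  cmac_subkey_step(k2, k1);  /* MSB of K1 is 1: shift then XOR 0x87 */
  return memcmp(k1, K1, 16) == 0 && memcmp(k2, K2, 16) == 0;
}

int
main(void)
{
  printf("shift implementations agree: %s\n", shifts_agree_on_samples() ? "yes" : "no");
  printf("RFC 4493 subkeys match: %s\n", cmac_subkeys_match_rfc4493() ? "yes" : "no");
  return 0;
}
```

The right shift nettle would also want is the mirror image (`(lo >> 1) | (hi << 63)` for the low word, `hi >> 1` for the high word); only the left shift is needed for CMAC subkeys, which is why the vector check covers that direction.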