Don't recompute len(tweak).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
7c392675b8
commit
2a6b7c7733
8
ff1.py
8
ff1.py
|
@ -30,7 +30,7 @@ def ff1_aes256_encrypt(key, tweak, x):
|
||||||
n = len(x)
|
n = len(x)
|
||||||
t = len(tweak)
|
t = len(tweak)
|
||||||
assert minlen <= n and n <= maxlen
|
assert minlen <= n and n <= maxlen
|
||||||
assert len(tweak) <= maxTlen
|
assert t <= maxTlen
|
||||||
|
|
||||||
u = n//2; v = n-u
|
u = n//2; v = n-u
|
||||||
assert u == v
|
assert u == v
|
||||||
|
@ -39,7 +39,7 @@ def ff1_aes256_encrypt(key, tweak, x):
|
||||||
b = cldiv(v, 8)
|
b = cldiv(v, 8)
|
||||||
d = 4*cldiv(b, 4) + 4
|
d = 4*cldiv(b, 4) + 4
|
||||||
assert d <= 16
|
assert d <= 16
|
||||||
P = bytes([1, 2, 1, 0, 0, radix, 10, u % 256, 0, 0, 0, n, 0, 0, 0, len(tweak)])
|
P = bytes([1, 2, 1, 0, 0, radix, 10, u % 256, 0, 0, 0, n, 0, 0, 0, t])
|
||||||
for i in range(10):
|
for i in range(10):
|
||||||
Q = tweak + b'\0'*((-t-b-1) % 16) + bytes([i]) + bebs2osp(B)
|
Q = tweak + b'\0'*((-t-b-1) % 16) + bytes([i]) + bebs2osp(B)
|
||||||
y = beos2ip(aes_cbcmac(key, P + Q)[:d])
|
y = beos2ip(aes_cbcmac(key, P + Q)[:d])
|
||||||
|
@ -54,7 +54,7 @@ def ff1_aes256_decrypt(key, tweak, x):
|
||||||
n = len(x)
|
n = len(x)
|
||||||
t = len(tweak)
|
t = len(tweak)
|
||||||
assert minlen <= n and n <= maxlen
|
assert minlen <= n and n <= maxlen
|
||||||
assert len(tweak) <= maxTlen
|
assert t <= maxTlen
|
||||||
|
|
||||||
u = n//2; v = n-u
|
u = n//2; v = n-u
|
||||||
assert u == v
|
assert u == v
|
||||||
|
@ -63,7 +63,7 @@ def ff1_aes256_decrypt(key, tweak, x):
|
||||||
b = cldiv(v, 8)
|
b = cldiv(v, 8)
|
||||||
d = 4*cldiv(b, 4) + 4
|
d = 4*cldiv(b, 4) + 4
|
||||||
assert d <= 16
|
assert d <= 16
|
||||||
P = bytes([1, 2, 1, 0, 0, radix, 10, u % 256, 0, 0, 0, n, 0, 0, 0, len(tweak)])
|
P = bytes([1, 2, 1, 0, 0, radix, 10, u % 256, 0, 0, 0, n, 0, 0, 0, t])
|
||||||
for i in range(9, -1, -1):
|
for i in range(9, -1, -1):
|
||||||
Q = tweak + b'\0'*((-t-b-1) % 16) + bytes([i]) + bebs2osp(A)
|
Q = tweak + b'\0'*((-t-b-1) % 16) + bytes([i]) + bebs2osp(A)
|
||||||
y = beos2ip(aes_cbcmac(key, P + Q)[:d])
|
y = beos2ip(aes_cbcmac(key, P + Q)[:d])
|
||||||
|
|
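Review bot: `assert t <= maxTlen` and the neighbouring `assert minlen <= n and n <= maxlen` are the only bounds on the tweak and input lengths, and `assert` statements are discarded under `python -O`, so in an optimized run those limits silently stop being enforced; the same applies to the matching lines in the ff1_aes256_decrypt hunk. Raising is the robust form: `if not (minlen <= n <= maxlen): raise ValueError("invalid input length")` and `if t > maxTlen: raise ValueError("tweak too long")`. Separately, the rewritten P line writes n and t into the low byte of a 4-byte field (`0, 0, 0, n, 0, 0, 0, t`), which makes `bytes([...])` raise ValueError instead of encoding the value once either reaches 256; if maxlen or maxTlen (defined outside the hunk) can be that large, `n.to_bytes(4, 'big')` and `t.to_bytes(4, 'big')` would be the faithful encoding, and since P is built identically in both functions a small shared helper would keep the two in step. Both function bodies start and end outside the hunks.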