block modes: move Galois shifts to block-internal.h
diff --git a/eax.c b/eax.c
index 63f3ff82fe651203c66b7475442075f938b371c9..f0b6fac5c5b1e4e7f1ddc566e30c1502868a7689 100644 (file)
--- a/eax.c
+++ b/eax.c
@@ -82,27 +82,13 @@ omac_final (union nettle_block16 *state, const struct eax_key *key,
   f (cipher, EAX_BLOCK_SIZE, state->b, state->b);
 }
 
-/* Allows r == a */
-static void
-gf2_double (uint8_t *r, const uint8_t *a)
-{
-  unsigned high = - (a[0] >> 7);
-  unsigned i;
-  /* Shift left */
-  for (i = 0; i < EAX_BLOCK_SIZE - 1; i++)
-    r[i] = (a[i] << 1) + (a[i+1] >> 7);
-
-  /* Wrap around for x^{128} = x^7 + x^2 + x + 1 */
-  r[EAX_BLOCK_SIZE - 1] = (a[EAX_BLOCK_SIZE - 1] << 1) ^ (high & 0x87);
-}
-
 void
 eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f)
 {
   static const union nettle_block16 zero_block;
   f (cipher, EAX_BLOCK_SIZE, key->pad_block.b, zero_block.b);
-  gf2_double (key->pad_block.b, key->pad_block.b);
-  gf2_double (key->pad_partial.b, key->pad_block.b);
+  block16_mulx_be (&key->pad_block, &key->pad_block);
+  block16_mulx_be (&key->pad_partial, &key->pad_block);
   block16_xor (&key->pad_partial, &key->pad_block);
 }
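Review bot: The first added call in eax_set_key passes `&key->pad_block` as both destination and source, so it depends on block16_mulx_be allowing r == a. The removed gf2_double stated that contract in its `/* Allows r == a */` comment, and nothing visible in this hunk states it for the new helper. I would carry the comment over to the helper in block-internal.h and add `/* In-place doubling; block16_mulx_be must allow dst == src. */` above the first call. Separately, pad_block is the encryption of the zero block under the key, and the removed code folded the carry in with a mask (`high & 0x87`) rather than a branch. The replacement's body is outside this diff, so confirm it stays branch-free and that the EAX test vectors pass on both little- and big-endian builds if the helper works on words rather than bytes.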