gf128mul.h - OpenGrok cross reference for /Linux-v6.1/include/crypto/gf128mul.h

Lines Matching +full:big +full:- +full:endian
1 /* gf128mul.h - GF(2^128) multiplication functions
16  ---------------------------------------------------------------------------
43  ---------------------------------------------------------------------------
59  * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf 
61  * The elements of GF(2^128) := GF(2)[X]/(X^128-X^7-X^2-X^1-1) can
73  * in every byte in little-endian order and the bytes themselves also in
74  * little endian order. I will call this lle (little-little-endian).
81  * bytes also. This is bbe (big-big-endian). Now the buffer above
86  * Both of the above formats are easy to implement on big-endian
90  * format (bits are stored in big endian order and the bytes in little
91  * endian). The above buffer represents X^7 in this case and the
94  * The common machine word-size is smaller than 128 bits, so to make
96  * This implementation uses 64-bit words for the moment. Machine
101  * Let's look at the bbe and ble format on a little endian machine.
103  * bbe on a little endian machine u32 x[4]:
113  * ble on a little endian machine
123  * Multiplications in GF(2^128) are mostly bit-shifts, so you see why
124  * ble (and lbe also) are easier to implement on a little-endian
125  * machine than on a big-endian machine. The converse holds for bbe
129  * to keep elements of GF(2^128) in type u64[2]. On 32-bit wordsize
130  * machines this will automatically aligned to wordsize and on a 64-bit
138     On little endian machines the bit indexes translate into the bit
139     positions within four 32-bit words in the following way
149     On big endian machines the bit indexes translate into the bit
150     positions within four 32-bit words in the following way
169  * the polynomial field representation.  They use 64-bit word operations
178 	/* a constant-time version of 'x & ((u64)1 << which) ? (u64)-1 : 0' */  in gf128mul_mask_from_bit()
179 	return ((s64)(x << (63 - which)) >> 63);  in gf128mul_mask_from_bit()
184 	u64 a = be64_to_cpu(x->a);  in gf128mul_x_lle()
185 	u64 b = be64_to_cpu(x->b);  in gf128mul_x_lle()
191 	r->b = cpu_to_be64((b >> 1) | (a << 63));  in gf128mul_x_lle()
192 	r->a = cpu_to_be64((a >> 1) ^ _tt);  in gf128mul_x_lle()
197 	u64 a = be64_to_cpu(x->a);  in gf128mul_x_bbe()
198 	u64 b = be64_to_cpu(x->b);  in gf128mul_x_bbe()
203 	r->a = cpu_to_be64((a << 1) | (b >> 63));  in gf128mul_x_bbe()
204 	r->b = cpu_to_be64((b << 1) ^ _tt);  in gf128mul_x_bbe()
210 	u64 a = le64_to_cpu(x->a);  in gf128mul_x_ble()
211 	u64 b = le64_to_cpu(x->b);  in gf128mul_x_ble()
216 	r->a = cpu_to_le64((a << 1) | (b >> 63));  in gf128mul_x_ble()
217 	r->b = cpu_to_le64((b << 1) ^ _tt);  in gf128mul_x_ble()