commit c76ceb677bfd86a73ccaa585c11b8f5122599d77
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Feb 21 09:50:17 2018 +0100
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Feb 27 12:39:12 2018 +0100
tree ae0d8f4280432dcc49ff76cb469d381ad130d4af
parent 9cc89248fe2773c611b996e2499f4f6327cb90a7

aria: move conditional outside of loop

library/aria.c

diff --git a/library/aria.c b/library/aria.c
index 6f76538..9b5febc 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -291,7 +291,7 @@
     r[3] = d ^ x[3];
 }
 
-// Big endian 128-bit rotation: d = a ^ (b <<< n), used only in key setup.
+// Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup.
 // This is relatively slow since our implementation is geared towards
 // little-endian targets and stores state in that order.
 
@@ -301,18 +301,17 @@
     uint8_t i, j;
     uint32_t t, u;
 
-    const uint8_t n1 = n & 0x1F;            // bit offset
-    const uint8_t n2 = 32 - n1;             // reverse bit offset
+    const uint8_t n1 = n % 32;              // bit offset
+    const uint8_t n2 = n1 ? 32 - n1 : 0;    // reverse bit offset
 
-    j = (n >> 5) & 3;                       // initial word offset
+    j = (n / 32) % 4;                       // initial word offset
     t = ARIA_FLIP1( ARIA_FLIP2( b[j] ) );   // big endian
     for( i = 0; i < 4; i++ )
     {
-        j = (j + 1) & 3;                    // get next word, big endian
+        j = (j + 1) % 4;                    // get next word, big endian
         u = ARIA_FLIP1( ARIA_FLIP2( b[j] ) );
         t <<= n1;                           // rotate
-        if (n2 < 32)                        // rotate 32 bits = 0 bits..
-            t |= u >> n2;
+        t |= u >> n2;
         t = ARIA_FLIP1( ARIA_FLIP2( t ) );  // back to little endian
         r[i] = a[i] ^ t;                    // store
         t = u;                              // move to next word