[Libre-soc-bugs] [Bug 1157] Implement poly1305
bugzilla-daemon at libre-soc.org
bugzilla-daemon at libre-soc.org
Sun Sep 17 17:50:03 BST 2023
https://bugs.libre-soc.org/show_bug.cgi?id=1157
--- Comment #13 from Sadoon Albader <sadoon at albader.co> ---
(In reply to Luke Kenneth Casson Leighton from comment #12)
> (In reply to Sadoon Albader from comment #11)
>
> > Thanks for that, was planning to post my findings and chat logs ASAP but got
> > busy with something urgent over the weekend.
>
> no problem. i am currently going "oink" over how MUL macro works
> in poly1305-donna-64.h which is... behaving oddly
It's quite simple really, I hope this answers your concern:
- unsigned long long is 64 bits on 64-bit systems.
- d0,d1,d2, and d are uint128_t variables.
- all this MUL macro is doing is typecasting the multiplier to 128-bit unsigned
to
ensure that the result stays in 128-bits, because in all cases in the
poly1305_blocks
function the multiplication is between two 64-bit unsigned ints which results
in a
maximum of 128-bit length ints.
FWIW if you see any odd behavior, my poly1305.sv implementation you linked to
earlier
uses pure hardware multiplication and can replicate results from poly1305-donna
as long
as they are in multiples of 16 bytes (I had not implemented "leftover"
processing due
to lack of time back then). This was verified both in testbench and on two
FPGAs (CPLD & FPGA if I need to be pedantic)
Here's the testbench file (also from over two years ago, sorry for the messy
code)
https://albader.co/poly1305_tb.sv
I have only verified this working with ModelSim back then, and have not
verified it against the final poly1305.sv (64-bits vs 8-bits) file but it
should just work.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the libre-soc-bugs
mailing list