Re: [PATCH v2 2/2] random: use BLAKE2s instead of SHA1 in extraction

From: Jason A. Donenfeld
Date: Tue Jan 11 2022 - 13:26:25 EST
On Tue, Jan 11, 2022 at 4:47 PM David Laight <David.Laight@xxxxxxxxxx> wrote:
> > - int i;
> > + int i, j;
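Review bot: since `i` and `j` are used as array indices, `unsigned int i, j;` is the better declaration here: with signed `int`, `i % 4` must preserve the sign for negative values, so the compiler cannot reduce it to `i & 3` (or the divides to shifts) unless it can prove `i` is never negative, and it also emits a sign extension before each array index; declaring them `unsigned` removes both costs.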
>
> Use unsigned int i, j;
> Ensures the '% 4' are done as '& 3' and the divides as shifts.
> Unless the compiler manages to track the valid values that will
> even generate better code on x86-64.
> (Saves a sign extension prior to the array indexes.)

Ack.

> I think I'd look at doing [0..3] then [4..7] to save execution time.

I actually wound up making the same change to sha1 instead of blake2s
for v2 of this, and achieved pretty similar results, but I think
that's more satisfactory of a conclusion. v2 is here:
https://lore.kernel.org/linux-crypto/20220111181037.632969-1-Jason@xxxxxxxxx/T/#u

Jason