+2020-07-08 Niels Möller <nisse@lysator.liu.se>
+
+ Rearrange salsa20, enabling ARM fat builds to use sala20_2core.
+ * salsa20-crypt-internal.c (_salsa20_crypt_2core)
+ (_salsa20_crypt_1core): New file, new functions. One or the other
+ is used for implementing salsa20_crypt and salsa20r12_crypt,
+ depending on availability of salsa20_2core.
+ * salsa20-crypt.c (salsa20_crypt): Call _salsa20_crypt.
+ * salsa20r12-crypt.c (salsa20r12_crypt): Likewise.
+ * salsa20-internal.h: Declare new internal functions.
+ * Makefile.in (nettle_SOURCES): Add salsa20-crypt-internal.c.
+ * fat-setup.h (salsa20_crypt_func): New typedef.
+ * fat-arm.c (_salsa20_crypt): Select _salsa20_crypt
+ implementation, use 2core version when Neon instructions are
+ available.
+ * arm/fat/salsa20-2core.asm: New file, including Neon
+ implementation. Trigger configure's HAVE_NATIVE_fat_salsa20_2core,
+ * configure.ac: Add HAVE_NATIVE_fat_salsa20_2core, to identify the
+ case that salsa20_2core is defined, but runtime checks are needed
+ to determine if it is usable.
+
2020-07-06 Niels Möller <nisse@lysator.liu.se>
* testsuite/salsa20-test.c (test_salsa20_core): New function, test
poly1305-aes.c poly1305-internal.c \
realloc.c \
ripemd160.c ripemd160-compress.c ripemd160-meta.c \
- salsa20-core-internal.c \
+ salsa20-core-internal.c salsa20-crypt-internal.c \
salsa20-crypt.c salsa20r12-crypt.c salsa20-set-key.c \
salsa20-set-nonce.c \
salsa20-128-set-key.c salsa20-256-set-key.c \
--- /dev/null
+C arm/fat/salsa20-2core.asm
+
+
+ifelse(<
+ Copyright (C) 2020 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+>)
+
+dnl PROLOGUE(_nettle_fat_salsa20_2core) picked up by configure
+
+include_src(<arm/neon/salsa20-2core.asm>)
#undef HAVE_NATIVE_gcm_hash8
#undef HAVE_NATIVE_salsa20_core
#undef HAVE_NATIVE_salsa20_2core
+#undef HAVE_NATIVE_fat_salsa20_2core
#undef HAVE_NATIVE_sha1_compress
#undef HAVE_NATIVE_sha256_compress
#undef HAVE_NATIVE_sha512_compress
#include "nettle-types.h"
#include "aes-internal.h"
+#include "salsa20-internal.h"
#include "fat-setup.h"
struct arm_features
DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, c)
DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, neon)
+DECLARE_FAT_FUNC(_nettle_salsa20_crypt, salsa20_crypt_func)
+DECLARE_FAT_FUNC_VAR(salsa20_crypt, salsa20_crypt_func, 1core)
+DECLARE_FAT_FUNC_VAR(salsa20_crypt, salsa20_crypt_func, 2core)
+
DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, c)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, armv6)
if (verbose)
fprintf (stderr, "libnettle: enabling neon code.\n");
_nettle_salsa20_core_vec = _nettle_salsa20_core_neon;
+ _nettle_salsa20_crypt_vec = _nettle_salsa20_crypt_2core;
_nettle_sha512_compress_vec = _nettle_sha512_compress_neon;
nettle_sha3_permute_vec = _nettle_sha3_permute_neon;
_nettle_umac_nh_vec = _nettle_umac_nh_neon;
if (verbose)
fprintf (stderr, "libnettle: not enabling neon code.\n");
_nettle_salsa20_core_vec = _nettle_salsa20_core_c;
+ _nettle_salsa20_crypt_vec = _nettle_salsa20_crypt_1core;
_nettle_sha512_compress_vec = _nettle_sha512_compress_c;
nettle_sha3_permute_vec = _nettle_sha3_permute_c;
_nettle_umac_nh_vec = _nettle_umac_nh_c;
(uint32_t *dst, const uint32_t *src, unsigned rounds),
(dst, src, rounds))
+DEFINE_FAT_FUNC(_nettle_salsa20_crypt, void,
+ (struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length, uint8_t *dst,
+ const uint8_t *src),
+ (ctx, rounds, length, dst, src))
+
DEFINE_FAT_FUNC(nettle_sha1_compress, void,
(uint32_t *state, const uint8_t *input),
(state, input))
#define ENV_VERBOSE "NETTLE_FAT_VERBOSE"
#define ENV_OVERRIDE "NETTLE_FAT_OVERRIDE"
+struct salsa20_ctx;
+
/* DECLARE_FAT_FUNC(name, ftype)
*
* name is the public function, e.g., _nettle_aes_encrypt.
typedef void *(memxor_func)(void *dst, const void *src, size_t n);
typedef void salsa20_core_func (uint32_t *dst, const uint32_t *src, unsigned rounds);
+typedef void salsa20_crypt_func (struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length, uint8_t *dst,
+ const uint8_t *src);
typedef void sha1_compress_func(uint32_t *state, const uint8_t *input);
typedef void sha256_compress_func(uint32_t *state, const uint8_t *input, const uint32_t *k);
--- /dev/null
+/* salsa20-crypt-internal.c
+
+ The Salsa20 stream cipher.
+
+ Copyright (C) 2012 Simon Josefsson
+ Copyright (C) 2020 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+
+#include "salsa20.h"
+#include "salsa20-internal.h"
+
+#include "macros.h"
+#include "memxor.h"
+
+#if HAVE_NATIVE_salsa20_2core
+#define _salsa20_crypt_2core _salsa20_crypt
+#elif !HAVE_NATIVE_fat_salsa20_2core
+#define _salsa20_crypt_1core _salsa20_crypt
+#endif
+
+#if HAVE_NATIVE_salsa20_2core || HAVE_NATIVE_fat_salsa20_2core
+void
+_salsa20_crypt_2core(struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length, uint8_t *dst,
+ const uint8_t *src)
+{
+ uint32_t x[2*_SALSA20_INPUT_LENGTH];
+ while (length > SALSA20_BLOCK_SIZE)
+ {
+ _salsa20_2core (x, ctx->input, rounds);
+ ctx->input[8] += 2;
+ ctx->input[9] += (ctx->input[8] < 2);
+ if (length < 2 * SALSA20_BLOCK_SIZE)
+ {
+ memxor3 (dst, src, x, length);
+ return;
+ }
+ memxor3 (dst, src, x, 2*SALSA20_BLOCK_SIZE);
+
+ length -= 2*SALSA20_BLOCK_SIZE;
+ dst += 2*SALSA20_BLOCK_SIZE;
+ src += 2*SALSA20_BLOCK_SIZE;
+ }
+ _salsa20_core (x, ctx->input, rounds);
+ ctx->input[9] += (++ctx->input[8] == 0);
+ memxor3 (dst, src, x, length);
+}
+#endif
+
+#if !HAVE_NATIVE_salsa20_2core
+void
+_salsa20_crypt_1core(struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length,
+ uint8_t *dst,
+ const uint8_t *src)
+{
+ for (;;)
+ {
+ uint32_t x[_SALSA20_INPUT_LENGTH];
+
+ _salsa20_core (x, ctx->input, rounds);
+
+ ctx->input[9] += (++ctx->input[8] == 0);
+
+ /* stopping at 2^70 length per nonce is user's responsibility */
+
+ if (length <= SALSA20_BLOCK_SIZE)
+ {
+ memxor3 (dst, src, x, length);
+ return;
+ }
+ memxor3 (dst, src, x, SALSA20_BLOCK_SIZE);
+
+ length -= SALSA20_BLOCK_SIZE;
+ dst += SALSA20_BLOCK_SIZE;
+ src += SALSA20_BLOCK_SIZE;
+ }
+}
+#endif
# include "config.h"
#endif
-#include <string.h>
-
#include "salsa20.h"
#include "salsa20-internal.h"
-#include "macros.h"
-#include "memxor.h"
-
void
salsa20_crypt(struct salsa20_ctx *ctx,
size_t length,
if (!length)
return;
-#if HAVE_NATIVE_salsa20_2core
- uint32_t x[2*_SALSA20_INPUT_LENGTH];
- while (length > SALSA20_BLOCK_SIZE)
- {
- _salsa20_2core (x, ctx->input, 20);
- ctx->input[8] += 2;
- ctx->input[9] += (ctx->input[8] < 2);
- if (length < 2 * SALSA20_BLOCK_SIZE)
- {
- memxor3 (c, m, x, length);
- return;
- }
- memxor3 (c, m, x, 2*SALSA20_BLOCK_SIZE);
-
- length -= 2*SALSA20_BLOCK_SIZE;
- c += 2*SALSA20_BLOCK_SIZE;
- m += 2*SALSA20_BLOCK_SIZE;
- }
- _salsa20_core (x, ctx->input, 20);
- ctx->input[9] += (++ctx->input[8] == 0);
- memxor3 (c, m, x, length);
- return;
-#else
- for (;;)
- {
- uint32_t x[_SALSA20_INPUT_LENGTH];
-
- _salsa20_core (x, ctx->input, 20);
-
- ctx->input[9] += (++ctx->input[8] == 0);
-
- /* stopping at 2^70 length per nonce is user's responsibility */
-
- if (length <= SALSA20_BLOCK_SIZE)
- {
- memxor3 (c, m, x, length);
- return;
- }
- memxor3 (c, m, x, SALSA20_BLOCK_SIZE);
-
- length -= SALSA20_BLOCK_SIZE;
- c += SALSA20_BLOCK_SIZE;
- m += SALSA20_BLOCK_SIZE;
- }
-#endif
+ _salsa20_crypt (ctx, 20, length, c, m);
}
#define NETTLE_SALSA20_INTERNAL_H_INCLUDED
#include "nettle-types.h"
+#include "salsa20.h"
#define _salsa20_core _nettle_salsa20_core
#define _salsa20_2core _nettle_salsa20_2core
+#define _salsa20_crypt _nettle_salsa20_crypt
+#define _salsa20_crypt_1core _nettle_salsa20_crypt_1core
+#define _salsa20_crypt_2core _nettle_salsa20_crypt_2core
void
_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+void
+_salsa20_crypt(struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length, uint8_t *dst,
+ const uint8_t *src);
+
+/* Functions available only in some configurations */
void
_salsa20_2core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+void
+_salsa20_crypt_1core(struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length, uint8_t *dst,
+ const uint8_t *src);
+void
+_salsa20_crypt_2core(struct salsa20_ctx *ctx, unsigned rounds,
+ size_t length, uint8_t *dst,
+ const uint8_t *src);
+
#endif /* NETTLE_SALSA20_INTERNAL_H_INCLUDED */
# include "config.h"
#endif
-#include <string.h>
-
#include "salsa20.h"
#include "salsa20-internal.h"
-#include "macros.h"
-#include "memxor.h"
-
void
salsa20r12_crypt(struct salsa20_ctx *ctx,
size_t length,
{
if (!length)
return;
-
-#if HAVE_NATIVE_salsa20_2core
- uint32_t x[2*_SALSA20_INPUT_LENGTH];
- while (length > SALSA20_BLOCK_SIZE)
- {
- _salsa20_2core (x, ctx->input, 12);
- ctx->input[8] += 2;
- ctx->input[9] += (ctx->input[8] < 2);
- if (length < 2 * SALSA20_BLOCK_SIZE)
- {
- memxor3 (c, m, x, length);
- return;
- }
- memxor3 (c, m, x, 2*SALSA20_BLOCK_SIZE);
-
- length -= 2*SALSA20_BLOCK_SIZE;
- c += 2*SALSA20_BLOCK_SIZE;
- m += 2*SALSA20_BLOCK_SIZE;
- }
- _salsa20_core (x, ctx->input, 12);
- ctx->input[9] += (++ctx->input[8] == 0);
- memxor3 (c, m, x, length);
- return;
-#else
- for (;;)
- {
- uint32_t x[_SALSA20_INPUT_LENGTH];
-
- _salsa20_core (x, ctx->input, 12);
- ctx->input[9] += (++ctx->input[8] == 0);
-
- /* stopping at 2^70 length per nonce is user's responsibility */
-
- if (length <= SALSA20_BLOCK_SIZE)
- {
- memxor3 (c, m, x, length);
- return;
- }
- memxor3 (c, m, x, SALSA20_BLOCK_SIZE);
-
- length -= SALSA20_BLOCK_SIZE;
- c += SALSA20_BLOCK_SIZE;
- m += SALSA20_BLOCK_SIZE;
- }
-#endif
+ _salsa20_crypt (ctx, 12, length, c, m);
}
projects / thirdparty / nettle.git / commitdiff
