#define AES_192_CODE 19
#define AES_256_CODE 20
#define SHA_1_CODE 1
+#define SHA_256_CODE 2
+#define SHA_512_CODE 3
#define GHASH_CODE 65
struct s390x_features
int have_km_aes192;
int have_km_aes256;
int have_kimd_sha_1;
+ int have_kimd_sha_256;
+ int have_kimd_sha_512;
int have_kimd_ghash;
};
features->have_km_aes192 = 0;
features->have_km_aes256 = 0;
features->have_kimd_sha_1 = 0;
+ features->have_kimd_sha_256 = 0;
+ features->have_kimd_sha_512 = 0;
features->have_kimd_ghash = 0;
const char *s = secure_getenv (ENV_OVERRIDE);
else if (MATCH (s, length, "msa", 3))
features->have_kimd_sha_1 = 1;
else if (MATCH (s, length, "msa_x1", 6))
+ {
features->have_km_aes128 = 1;
+ features->have_kimd_sha_256 = 1;
+ }
else if (MATCH (s, length, "msa_x2", 6))
{
features->have_km_aes192 = 1;
features->have_km_aes256 = 1;
+ features->have_kimd_sha_512 = 1;
}
else if (MATCH (s, length, "msa_x4", 6))
features->have_kimd_ghash = 1;
_nettle_kimd_status(query_status);
if (query_status[FACILITY_INDEX(SHA_1_CODE)] & FACILITY_BIT(SHA_1_CODE))
features->have_kimd_sha_1 = 1;
+ if (query_status[FACILITY_INDEX(SHA_256_CODE)] & FACILITY_BIT(SHA_256_CODE))
+ features->have_kimd_sha_256 = 1;
+ if (query_status[FACILITY_INDEX(SHA_512_CODE)] & FACILITY_BIT(SHA_512_CODE))
+ features->have_kimd_sha_512 = 1;
}
if (facilities[FACILITY_INDEX(FAC_MSA_X4)] & FACILITY_BIT(FAC_MSA_X4))
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, c)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, s390x)
+DECLARE_FAT_FUNC(_nettle_sha256_compress, sha256_compress_func)
+DECLARE_FAT_FUNC_VAR(sha256_compress, sha256_compress_func, c)
+DECLARE_FAT_FUNC_VAR(sha256_compress, sha256_compress_func, s390x)
+
+DECLARE_FAT_FUNC(_nettle_sha512_compress, sha512_compress_func)
+DECLARE_FAT_FUNC_VAR(sha512_compress, sha512_compress_func, c)
+DECLARE_FAT_FUNC_VAR(sha512_compress, sha512_compress_func, s390x)
+
static void CONSTRUCTOR
fat_init (void)
{
{
nettle_sha1_compress_vec = _nettle_sha1_compress_c;
}
+
+ /* SHA256 */
+ if (features.have_kimd_sha_256)
+ {
+ if (verbose)
+ fprintf (stderr, "libnettle: enabling hardware accelerated SHA256 compress code.\n");
+ _nettle_sha256_compress_vec = _nettle_sha256_compress_s390x;
+ }
+ else
+ {
+ _nettle_sha256_compress_vec = _nettle_sha256_compress_c;
+ }
+
+ /* SHA512 */
+ if (features.have_kimd_sha_512)
+ {
+ if (verbose)
+ fprintf (stderr, "libnettle: enabling hardware accelerated SHA512 compress code.\n");
+ _nettle_sha512_compress_vec = _nettle_sha512_compress_s390x;
+ }
+ else
+ {
+ _nettle_sha512_compress_vec = _nettle_sha512_compress_c;
+ }
}
/* MEMXOR3 */
DEFINE_FAT_FUNC(nettle_sha1_compress, void,
(uint32_t *state, const uint8_t *input),
(state, input))
+
+/* SHA256 */
+DEFINE_FAT_FUNC(_nettle_sha256_compress, void,
+ (uint32_t *state, const uint8_t *input, const uint32_t *k),
+ (state, input, k))
+
+/* SHA512 */
+DEFINE_FAT_FUNC(_nettle_sha512_compress, void,
+ (uint64_t *state, const uint8_t *input, const uint64_t *k),
+ (state, input, k))
--- /dev/null
+C s390x/fat/sha256-compress-2.asm
+
+ifelse(`
+ Copyright (C) 2021 Mamone Tarsha
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+dnl PROLOGUE(_nettle_sha256_compress) picked up by configure
+
+define(`fat_transform', `$1_s390x')
+include_src(`s390x/msa_x1/sha256-compress.asm')
--- /dev/null
+C s390x/fat/sha512-compress-2.asm
+
+ifelse(`
+ Copyright (C) 2021 Mamone Tarsha
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+dnl PROLOGUE(_nettle_sha512_compress) picked up by configure
+
+define(`fat_transform', `$1_s390x')
+include_src(`s390x/msa_x2/sha512-compress.asm')
--- /dev/null
+C s390x/msa_x1/sha256-compress.asm
+
+ifelse(`
+ Copyright (C) 2021 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+C KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) is specefied in
+C "z/Architecture Principles of Operation SA22-7832-12" as follows:
+C A function specified by the function code in general register 0 is performed.
+C General register 1 contains the logical address of the leftmost byte of the parameter block in storage.
+C the second operand is processed as specified by the function code using an initial chaining value in
+C the parameter block, and the result replaces the chaining value.
+
+C This implementation uses KIMD-SHA-256 function.
+C The parameter block used for the KIMD-SHA-256 function has the following format:
+C *----------------------------------------------*
+C | H0 (4 bytes) |
+C |----------------------------------------------|
+C | H1 (4 bytes) |
+C |----------------------------------------------|
+C | H2 (4 bytes) |
+C |----------------------------------------------|
+C | H3 (4 bytes) |
+C |----------------------------------------------|
+C | H4 (4 bytes) |
+C |----------------------------------------------|
+C | H5 (4 bytes) |
+C |----------------------------------------------|
+C | H6 (4 bytes) |
+C |----------------------------------------------|
+C | H7 (4 bytes) |
+C *----------------------------------------------*
+
+.file "sha256-compress.asm"
+
+.text
+
+C SHA function code
+define(`SHA256_FUNCTION_CODE', `2')
+C Size of block
+define(`SHA256_BLOCK_SIZE', `64')
+
+C void
+C _nettle_sha256_compress(uint32_t *state, const uint8_t *input,
+C const uint32_t *k)
+
+PROLOGUE(_nettle_sha256_compress)
+ lghi %r0,SHA256_FUNCTION_CODE C SHA-256 Function Code
+ lgr %r1,%r2
+ lgr %r4,%r3
+ lghi %r5,SHA256_BLOCK_SIZE
+1: .long 0xb93e0004 C kimd %r0,%r4. perform KIMD-SHA operation on data
+ brc 1,1b
+ br RA
+EPILOGUE(_nettle_sha256_compress)
--- /dev/null
+C s390x/msa_x2/sha512-compress.asm
+
+ifelse(`
+ Copyright (C) 2021 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+C KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) is specefied in
+C "z/Architecture Principles of Operation SA22-7832-12" as follows:
+C A function specified by the function code in general register 0 is performed.
+C General register 1 contains the logical address of the leftmost byte of the parameter block in storage.
+C the second operand is processed as specified by the function code using an initial chaining value in
+C the parameter block, and the result replaces the chaining value.
+
+C This implementation uses KIMD-SHA-512 function.
+C The parameter block used for the KIMD-SHA-512 function has the following format:
+C *----------------------------------------------*
+C | H0 (8 bytes) |
+C |----------------------------------------------|
+C | H1 (8 bytes) |
+C |----------------------------------------------|
+C | H2 (8 bytes) |
+C |----------------------------------------------|
+C | H3 (8 bytes) |
+C |----------------------------------------------|
+C | H4 (8 bytes) |
+C |----------------------------------------------|
+C | H5 (8 bytes) |
+C |----------------------------------------------|
+C | H6 (8 bytes) |
+C |----------------------------------------------|
+C | H7 (8 bytes) |
+C *----------------------------------------------*
+
+.file "sha512-compress.asm"
+
+.text
+
+C SHA function code
+define(`SHA512_FUNCTION_CODE', `3')
+C Size of block
+define(`SHA512_BLOCK_SIZE', `128')
+
+C void
+C _nettle_sha512_compress(uint64_t *state, const uint8_t *input,
+C const uint64_t *k)
+
+PROLOGUE(_nettle_sha512_compress)
+ lghi %r0,SHA512_FUNCTION_CODE C SHA-512 Function Code
+ lgr %r1,%r2
+ lgr %r4,%r3
+ lghi %r5,SHA512_BLOCK_SIZE
+1: .long 0xb93e0004 C kimd %r0,%r4. perform KIMD-SHA operation on data
+ brc 1,1b
+ br RA
+EPILOGUE(_nettle_sha512_compress)
projects / thirdparty / nettle.git / commitdiff
