From: Tomas Mraz Date: Fri, 18 Jun 2021 15:35:40 +0000 (+0200) Subject: ppccap.c: Split out algorithm-specific functions X-Git-Tag: openssl-3.0.0-beta2~194 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3d178db73b1ac13011e950baae5225837c587df1;p=thirdparty%2Fopenssl.git ppccap.c: Split out algorithm-specific functions Fixes #13336 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15828) --- diff --git a/crypto/bn/bn_ppc.c b/crypto/bn/bn_ppc.c new file mode 100644 index 00000000000..24b384acbd1 --- /dev/null +++ b/crypto/bn/bn_ppc.c @@ -0,0 +1,51 @@ +/* + * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "crypto/ppc_arch.h" +#include "bn_local.h" + +int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, + const BN_ULONG *np, const BN_ULONG *n0, int num) +{ + int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, + const BN_ULONG *np, const BN_ULONG *n0, int num); + int bn_mul4x_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, + const BN_ULONG *np, const BN_ULONG *n0, int num); + int bn_mul_mont_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap, + const BN_ULONG *bp, const BN_ULONG *np, + const BN_ULONG *n0, int num); + int bn_mul_mont_300_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap, + const BN_ULONG *bp, const BN_ULONG *np, + const BN_ULONG *n0, int num); + + if (num < 4) + return 0; + + if ((num & 3) == 0) + return bn_mul4x_mont_int(rp, ap, bp, np, n0, num); + + /* + * There used to be [optional] call to bn_mul_mont_fpu64 here, + * but above subroutine is faster on contemporary processors. + * Formulation means that there might be old processors where + * FPU code path would be faster, POWER6 perhaps, but there was + * no opportunity to figure it out... + */ + + if (num == 6) { + if (OPENSSL_ppccap_P & PPC_MADD300) + return bn_mul_mont_300_fixed_n6(rp, ap, bp, np, n0, num); + else + return bn_mul_mont_fixed_n6(rp, ap, bp, np, n0, num); + } + + return bn_mul_mont_int(rp, ap, bp, np, n0, num); +} diff --git a/crypto/bn/build.info b/crypto/bn/build.info index d0c1034bde3..c3c71884e50 100644 --- a/crypto/bn/build.info +++ b/crypto/bn/build.info @@ -77,7 +77,7 @@ IF[{- !$disabled{asm} -}] $BNASM_parisc20_64=$BNASM_parisc11 $BNDEF_parisc20_64=$BNDEF_parisc11 - $BNASM_ppc32=bn-ppc.s ppc-mont.s + $BNASM_ppc32=bn_ppc.c bn-ppc.s ppc-mont.s $BNDEF_ppc32=OPENSSL_BN_ASM_MONT $BNASM_ppc64=$BNASM_ppc32 ppc64-mont-fixed.s $BNDEF_ppc64=$BNDEF_ppc32 diff --git a/crypto/chacha/build.info b/crypto/chacha/build.info index 9757739682c..c12cb9c201b 100644 --- a/crypto/chacha/build.info +++ b/crypto/chacha/build.info @@ -12,7 +12,7 @@ IF[{- !$disabled{asm} -}] $CHACHAASM_armv4=chacha-armv4.S $CHACHAASM_aarch64=chacha-armv8.S - $CHACHAASM_ppc32=chacha-ppc.s + $CHACHAASM_ppc32=chacha_ppc.c chacha-ppc.s $CHACHAASM_ppc64=$CHACHAASM_ppc32 $CHACHAASM_c64xplus=chacha-c64xplus.s diff --git a/crypto/chacha/chacha_ppc.c b/crypto/chacha/chacha_ppc.c new file mode 100644 index 00000000000..5319040cc16 --- /dev/null +++ b/crypto/chacha/chacha_ppc.c @@ -0,0 +1,35 @@ +/* + * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +#include +#include "crypto/chacha.h" +#include "crypto/ppc_arch.h" + +void ChaCha20_ctr32_int(unsigned char *out, const unsigned char *inp, + size_t len, const unsigned int key[8], + const unsigned int counter[4]); +void ChaCha20_ctr32_vmx(unsigned char *out, const unsigned char *inp, + size_t len, const unsigned int key[8], + const unsigned int counter[4]); +void ChaCha20_ctr32_vsx(unsigned char *out, const unsigned char *inp, + size_t len, const unsigned int key[8], + const unsigned int counter[4]); +void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, + size_t len, const unsigned int key[8], + const unsigned int counter[4]) +{ + OPENSSL_ppccap_P & PPC_CRYPTO207 + ? ChaCha20_ctr32_vsx(out, inp, len, key, counter) + : OPENSSL_ppccap_P & PPC_ALTIVEC + ? ChaCha20_ctr32_vmx(out, inp, len, key, counter) + : ChaCha20_ctr32_int(out, inp, len, key, counter); +} diff --git a/crypto/ec/build.info b/crypto/ec/build.info index 216139e5965..9ee9842fecf 100644 --- a/crypto/ec/build.info +++ b/crypto/ec/build.info @@ -30,7 +30,7 @@ IF[{- !$disabled{asm} -}] $ECASM_parisc20_64= $ECASM_ppc32= - $ECASM_ppc64=ecp_nistz256.c ecp_nistz256-ppc64.s x25519-ppc64.s + $ECASM_ppc64=ecp_nistz256.c ecp_ppc.c ecp_nistz256-ppc64.s x25519-ppc64.s $ECDEF_ppc64=ECP_NISTZ256_ASM X25519_ASM IF[{- !$disabled{'ec_nistp_64_gcc_128'} -}] $ECASM_ppc64=$ECASM_ppc64 ecp_nistp521-ppc64.s diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 338618ebca4..31a97d79374 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -688,7 +688,7 @@ void p521_felem_square(largefelem out, const felem in); void p521_felem_mul(largefelem out, const felem in1, const felem in2); # if defined(_ARCH_PPC64) -# include "ppc_arch.h" +# include "crypto/ppc_arch.h" # endif void felem_select(void) diff --git a/crypto/ec/ecp_ppc.c b/crypto/ec/ecp_ppc.c new file mode 100644 index 00000000000..b2b9f772b87 --- /dev/null +++ b/crypto/ec/ecp_ppc.c @@ -0,0 +1,34 @@ +/* + * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "internal/cryptlib.h" +#include "crypto/ppc_arch.h" +#include "ec_local.h" + +void ecp_nistz256_mul_mont(unsigned long res[4], const unsigned long a[4], + const unsigned long b[4]); + +void ecp_nistz256_to_mont(unsigned long res[4], const unsigned long in[4]); +void ecp_nistz256_to_mont(unsigned long res[4], const unsigned long in[4]) +{ + static const unsigned long RR[] = { 0x0000000000000003U, + 0xfffffffbffffffffU, + 0xfffffffffffffffeU, + 0x00000004fffffffdU }; + + ecp_nistz256_mul_mont(res, in, RR); +} + +void ecp_nistz256_from_mont(unsigned long res[4], const unsigned long in[4]); +void ecp_nistz256_from_mont(unsigned long res[4], const unsigned long in[4]) +{ + static const unsigned long one[] = { 1, 0, 0, 0 }; + + ecp_nistz256_mul_mont(res, in, one); +} diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c index bdcb619cd8e..8317fd48e44 100644 --- a/crypto/modes/gcm128.c +++ b/crypto/modes/gcm128.c @@ -683,7 +683,7 @@ void gcm_gmult_vis3(u64 Xi[2], const u128 Htable[16]); void gcm_ghash_vis3(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len); # elif defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC)) -# include "ppc_arch.h" +# include "crypto/ppc_arch.h" # define GHASH_ASM_PPC # define GCM_FUNCREF_4BIT void gcm_init_p8(u128 Htable[16], const u64 Xi[2]); diff --git a/crypto/poly1305/build.info b/crypto/poly1305/build.info index 7e055ef3382..7f13fdcf3b8 100644 --- a/crypto/poly1305/build.info +++ b/crypto/poly1305/build.info @@ -16,7 +16,7 @@ IF[{- !$disabled{asm} -}] $POLY1305ASM_armv4=poly1305-armv4.S $POLY1305ASM_aarch64=poly1305-armv8.S - $POLY1305ASM_ppc32=poly1305-ppc.s poly1305-ppcfp.s + $POLY1305ASM_ppc32=poly1305_ppc.c poly1305-ppc.s poly1305-ppcfp.s $POLY1305ASM_ppc64=$POLY1305ASM_ppc32 $POLY1305ASM_c64xplus=poly1305-c64xplus.s diff --git a/crypto/poly1305/poly1305_ppc.c b/crypto/poly1305/poly1305_ppc.c new file mode 100644 index 00000000000..4e4e3d1994f --- /dev/null +++ b/crypto/poly1305/poly1305_ppc.c @@ -0,0 +1,47 @@ +/* + * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "crypto/poly1305.h" +#include "crypto/ppc_arch.h" + +void poly1305_init_int(void *ctx, const unsigned char key[16]); +void poly1305_blocks(void *ctx, const unsigned char *inp, size_t len, + unsigned int padbit); +void poly1305_emit(void *ctx, unsigned char mac[16], + const unsigned int nonce[4]); +void poly1305_init_fpu(void *ctx, const unsigned char key[16]); +void poly1305_blocks_fpu(void *ctx, const unsigned char *inp, size_t len, + unsigned int padbit); +void poly1305_emit_fpu(void *ctx, unsigned char mac[16], + const unsigned int nonce[4]); +void poly1305_init_vsx(void *ctx, const unsigned char key[16]); +void poly1305_blocks_vsx(void *ctx, const unsigned char *inp, size_t len, + unsigned int padbit); +void poly1305_emit_vsx(void *ctx, unsigned char mac[16], + const unsigned int nonce[4]); +int poly1305_init(void *ctx, const unsigned char key[16], void *func[2]); +int poly1305_init(void *ctx, const unsigned char key[16], void *func[2]) +{ + if (OPENSSL_ppccap_P & PPC_CRYPTO207) { + poly1305_init_int(ctx, key); + func[0] = (void*)(uintptr_t)poly1305_blocks_vsx; + func[1] = (void*)(uintptr_t)poly1305_emit; + } else if (sizeof(size_t) == 4 && (OPENSSL_ppccap_P & PPC_FPU)) { + poly1305_init_fpu(ctx, key); + func[0] = (void*)(uintptr_t)poly1305_blocks_fpu; + func[1] = (void*)(uintptr_t)poly1305_emit_fpu; + } else { + poly1305_init_int(ctx, key); + func[0] = (void*)(uintptr_t)poly1305_blocks; + func[1] = (void*)(uintptr_t)poly1305_emit; + } + return 1; +} diff --git a/crypto/ppccap.c b/crypto/ppccap.c index 27f048686ea..c9f82c6b5ee 100644 --- a/crypto/ppccap.c +++ b/crypto/ppccap.c @@ -27,159 +27,13 @@ # include #endif #include -#include #include "internal/cryptlib.h" -#include "crypto/chacha.h" -#include "bn/bn_local.h" - -#include "ppc_arch.h" +#include "crypto/ppc_arch.h" unsigned int OPENSSL_ppccap_P = 0; static sigset_t all_masked; - -#ifdef OPENSSL_BN_ASM_MONT -int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, - const BN_ULONG *np, const BN_ULONG *n0, int num) -{ - int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, - const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul4x_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, - const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul_mont_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap, - const BN_ULONG *bp, const BN_ULONG *np, - const BN_ULONG *n0, int num); - int bn_mul_mont_300_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap, - const BN_ULONG *bp, const BN_ULONG *np, - const BN_ULONG *n0, int num); - - if (num < 4) - return 0; - - if ((num & 3) == 0) - return bn_mul4x_mont_int(rp, ap, bp, np, n0, num); - - /* - * There used to be [optional] call to bn_mul_mont_fpu64 here, - * but above subroutine is faster on contemporary processors. - * Formulation means that there might be old processors where - * FPU code path would be faster, POWER6 perhaps, but there was - * no opportunity to figure it out... - */ - - if (num == 6) { - if (OPENSSL_ppccap_P & PPC_MADD300) - return bn_mul_mont_300_fixed_n6(rp, ap, bp, np, n0, num); - else - return bn_mul_mont_fixed_n6(rp, ap, bp, np, n0, num); - } - - return bn_mul_mont_int(rp, ap, bp, np, n0, num); -} -#endif -void sha256_block_p8(void *ctx, const void *inp, size_t len); -void sha256_block_ppc(void *ctx, const void *inp, size_t len); -void sha256_block_data_order(void *ctx, const void *inp, size_t len); -void sha256_block_data_order(void *ctx, const void *inp, size_t len) -{ - OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha256_block_p8(ctx, inp, len) : - sha256_block_ppc(ctx, inp, len); -} - -void sha512_block_p8(void *ctx, const void *inp, size_t len); -void sha512_block_ppc(void *ctx, const void *inp, size_t len); -void sha512_block_data_order(void *ctx, const void *inp, size_t len); -void sha512_block_data_order(void *ctx, const void *inp, size_t len) -{ - OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha512_block_p8(ctx, inp, len) : - sha512_block_ppc(ctx, inp, len); -} - -#ifndef FIPS_MODULE -# ifndef OPENSSL_NO_CHACHA -void ChaCha20_ctr32_int(unsigned char *out, const unsigned char *inp, - size_t len, const unsigned int key[8], - const unsigned int counter[4]); -void ChaCha20_ctr32_vmx(unsigned char *out, const unsigned char *inp, - size_t len, const unsigned int key[8], - const unsigned int counter[4]); -void ChaCha20_ctr32_vsx(unsigned char *out, const unsigned char *inp, - size_t len, const unsigned int key[8], - const unsigned int counter[4]); -void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, - size_t len, const unsigned int key[8], - const unsigned int counter[4]) -{ - OPENSSL_ppccap_P & PPC_CRYPTO207 - ? ChaCha20_ctr32_vsx(out, inp, len, key, counter) - : OPENSSL_ppccap_P & PPC_ALTIVEC - ? ChaCha20_ctr32_vmx(out, inp, len, key, counter) - : ChaCha20_ctr32_int(out, inp, len, key, counter); -} -# endif - -# ifndef OPENSSL_NO_POLY1305 -void poly1305_init_int(void *ctx, const unsigned char key[16]); -void poly1305_blocks(void *ctx, const unsigned char *inp, size_t len, - unsigned int padbit); -void poly1305_emit(void *ctx, unsigned char mac[16], - const unsigned int nonce[4]); -void poly1305_init_fpu(void *ctx, const unsigned char key[16]); -void poly1305_blocks_fpu(void *ctx, const unsigned char *inp, size_t len, - unsigned int padbit); -void poly1305_emit_fpu(void *ctx, unsigned char mac[16], - const unsigned int nonce[4]); -void poly1305_init_vsx(void *ctx, const unsigned char key[16]); -void poly1305_blocks_vsx(void *ctx, const unsigned char *inp, size_t len, - unsigned int padbit); -void poly1305_emit_vsx(void *ctx, unsigned char mac[16], - const unsigned int nonce[4]); -int poly1305_init(void *ctx, const unsigned char key[16], void *func[2]); -int poly1305_init(void *ctx, const unsigned char key[16], void *func[2]) -{ - if (OPENSSL_ppccap_P & PPC_CRYPTO207) { - poly1305_init_int(ctx, key); - func[0] = (void*)(uintptr_t)poly1305_blocks_vsx; - func[1] = (void*)(uintptr_t)poly1305_emit; - } else if (sizeof(size_t) == 4 && (OPENSSL_ppccap_P & PPC_FPU)) { - poly1305_init_fpu(ctx, key); - func[0] = (void*)(uintptr_t)poly1305_blocks_fpu; - func[1] = (void*)(uintptr_t)poly1305_emit_fpu; - } else { - poly1305_init_int(ctx, key); - func[0] = (void*)(uintptr_t)poly1305_blocks; - func[1] = (void*)(uintptr_t)poly1305_emit; - } - return 1; -} -# endif -#endif /* FIPS_MODULE */ - -#ifdef ECP_NISTZ256_ASM -void ecp_nistz256_mul_mont(unsigned long res[4], const unsigned long a[4], - const unsigned long b[4]); - -void ecp_nistz256_to_mont(unsigned long res[4], const unsigned long in[4]); -void ecp_nistz256_to_mont(unsigned long res[4], const unsigned long in[4]) -{ - static const unsigned long RR[] = { 0x0000000000000003U, - 0xfffffffbffffffffU, - 0xfffffffffffffffeU, - 0x00000004fffffffdU }; - - ecp_nistz256_mul_mont(res, in, RR); -} - -void ecp_nistz256_from_mont(unsigned long res[4], const unsigned long in[4]); -void ecp_nistz256_from_mont(unsigned long res[4], const unsigned long in[4]) -{ - static const unsigned long one[] = { 1, 0, 0, 0 }; - - ecp_nistz256_mul_mont(res, in, one); -} -#endif - static sigjmp_buf ill_jmp; static void ill_handler(int sig) { diff --git a/crypto/sha/build.info b/crypto/sha/build.info index 4f0ad6571ea..5d988e7ab51 100644 --- a/crypto/sha/build.info +++ b/crypto/sha/build.info @@ -37,7 +37,8 @@ IF[{- !$disabled{asm} -}] $SHA1DEF_parisc20_64=$SHA1DEF_parisc11 $SHA1ASM_ppc32=\ - sha1-ppc.s sha256-ppc.s sha512-ppc.s sha256p8-ppc.s sha512p8-ppc.s + sha_ppc.c sha1-ppc.s sha256-ppc.s sha512-ppc.s sha256p8-ppc.s \ + sha512p8-ppc.s $SHA1DEF_ppc32=SHA1_ASM SHA256_ASM SHA512_ASM $SHA1ASM_ppc64=$SHA1ASM_ppc32 $SHA1DEF_ppc64=$SHA1DEF_ppc32 diff --git a/crypto/sha/sha_ppc.c b/crypto/sha/sha_ppc.c new file mode 100644 index 00000000000..accf19d8a23 --- /dev/null +++ b/crypto/sha/sha_ppc.c @@ -0,0 +1,33 @@ +/* + * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +#include +#include +#include "crypto/ppc_arch.h" + +void sha256_block_p8(void *ctx, const void *inp, size_t len); +void sha256_block_ppc(void *ctx, const void *inp, size_t len); +void sha256_block_data_order(void *ctx, const void *inp, size_t len); +void sha256_block_data_order(void *ctx, const void *inp, size_t len) +{ + OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha256_block_p8(ctx, inp, len) : + sha256_block_ppc(ctx, inp, len); +} + +void sha512_block_p8(void *ctx, const void *inp, size_t len); +void sha512_block_ppc(void *ctx, const void *inp, size_t len); +void sha512_block_data_order(void *ctx, const void *inp, size_t len); +void sha512_block_data_order(void *ctx, const void *inp, size_t len) +{ + OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha512_block_p8(ctx, inp, len) : + sha512_block_ppc(ctx, inp, len); +} diff --git a/crypto/ppc_arch.h b/include/crypto/ppc_arch.h similarity index 100% rename from crypto/ppc_arch.h rename to include/crypto/ppc_arch.h