From: Niels Möller Date: Mon, 23 Nov 2020 16:23:17 +0000 (+0100) Subject: Prepare for using assembly function _chacha_2core. X-Git-Tag: nettle_3.7rc1~40 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c4e859750a1580491f227287400b99e1d1d82319;p=thirdparty%2Fnettle.git Prepare for using assembly function _chacha_2core. * chacha-crypt.c (_chacha_crypt_2core, _chacha_crypt32_2core): New variants of chacha_crypt, using _chacha_2core to do two blocks at a time. * chacha-internal.h (_chacha_2core, _chacha_2core32): Add declarations. * configure.ac (asm_nettle_optional_list): Add chacha-2core.asm.
---
diff --git a/ChangeLog b/ChangeLog
index 3bb77d84..ccd0b8b5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2020-11-23 Niels Möller
+
+	* chacha-crypt.c (_chacha_crypt_2core, _chacha_crypt32_2core): New
+	variants of chacha_crypt, using _chacha_2core to do two blocks at
+	a time.
+	* chacha-internal.h (_chacha_2core, _chacha_2core32): Add declarations.
+	* configure.ac (asm_nettle_optional_list): Add chacha-2core.asm.
+
 2020-11-14 Niels Möller
 
 	* ecc-mod-inv.c (ecc_mod_inv): Use passed in scratch for all
diff --git a/chacha-crypt.c b/chacha-crypt.c
index 098b53e6..4c3201ff 100644
--- a/chacha-crypt.c
+++ b/chacha-crypt.c
@@ -59,6 +59,9 @@
 #undef _chacha_crypt32_3core
 #define _chacha_crypt_3core chacha_crypt
 #define _chacha_crypt32_3core chacha_crypt32
+#elif HAVE_NATIVE_chacha_2core
+#define _chacha_crypt_2core chacha_crypt
+#define _chacha_crypt32_2core chacha_crypt32
 #elif !HAVE_NATIVE_fat_chacha_3core
 #undef _chacha_crypt_1core
 #undef _chacha_crypt32_1core
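Review bot: The new `#elif HAVE_NATIVE_chacha_2core` branch defines `_chacha_crypt_2core` and `_chacha_crypt32_2core` without the `#undef` that precedes the matching `#define`s in the 3core branch directly above it. That is only safe while chacha-internal.h gives these two names no `_nettle_` alias (as far as the header hunk in this commit shows, it adds aliases for `_chacha_2core` and `_chacha_2core32` only); if an alias is later added for symmetry with `_chacha_crypt_1core`, this branch will produce a macro-redefinition warning. Either mirror the 3core branch with `#undef _chacha_crypt_2core` / `#undef _chacha_crypt32_2core` before the defines, or record the reason with a comment such as `/* No _nettle_ alias for these in chacha-internal.h, so no #undef is needed. */`. The `#if`/`#elif` chain this branch belongs to begins outside the hunk.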
@@ -109,7 +112,42 @@ _chacha_crypt_3core(struct chacha_ctx *ctx,
 }
 #endif
 
-#if !HAVE_NATIVE_chacha_3core
+#if HAVE_NATIVE_chacha_2core
+void
+_chacha_crypt_2core(struct chacha_ctx *ctx,
+                    size_t length,
+                    uint8_t *dst,
+                    const uint8_t *src)
+{
+  uint32_t x[2*_CHACHA_STATE_LENGTH];
+
+  if (!length)
+    return;
+
+  while (length > CHACHA_BLOCK_SIZE)
+    {
+      _chacha_2core (x, ctx->state, CHACHA_ROUNDS);
+      ctx->state[12] += 2;
+      ctx->state[13] += (ctx->state[12] < 2);
+      if (length <= 2*CHACHA_BLOCK_SIZE)
+        {
+          memxor3 (dst, src, x, length);
+          return;
+        }
+      memxor3 (dst, src, x, 2*CHACHA_BLOCK_SIZE);
+
+      length -= 2*CHACHA_BLOCK_SIZE;
+      dst += 2*CHACHA_BLOCK_SIZE;
+      src += 2*CHACHA_BLOCK_SIZE;
+    }
+
+  _chacha_core (x, ctx->state, CHACHA_ROUNDS);
+  memxor3 (dst, src, x, length);
+  ctx->state[13] += (++ctx->state[12] == 0);
+}
+#endif
+
+#if !(HAVE_NATIVE_chacha_3core || HAVE_NATIVE_chacha_2core)
 void
 _chacha_crypt_1core(struct chacha_ctx *ctx,
                     size_t length,
@@ -186,6 +224,40 @@ _chacha_crypt32_3core(struct chacha_ctx *ctx,
 }
 #endif
 
+#if HAVE_NATIVE_chacha_2core
+void
+_chacha_crypt32_2core(struct chacha_ctx *ctx,
+                      size_t length,
+                      uint8_t *dst,
+                      const uint8_t *src)
+{
+  uint32_t x[2*_CHACHA_STATE_LENGTH];
+
+  if (!length)
+    return;
+
+  while (length > CHACHA_BLOCK_SIZE)
+    {
+      _chacha_2core32 (x, ctx->state, CHACHA_ROUNDS);
+      ctx->state[12] += 2;
+      if (length <= 2*CHACHA_BLOCK_SIZE)
+        {
+          memxor3 (dst, src, x, length);
+          return;
+        }
+      memxor3 (dst, src, x, 2*CHACHA_BLOCK_SIZE);
+
+      length -= 2*CHACHA_BLOCK_SIZE;
+      dst += 2*CHACHA_BLOCK_SIZE;
+      src += 2*CHACHA_BLOCK_SIZE;
+    }
+
+  _chacha_core (x, ctx->state, CHACHA_ROUNDS);
+  memxor3 (dst, src, x, length);
+  ++ctx->state[12];
+}
+#endif
+
 #if !HAVE_NATIVE_chacha_3core
 void
 _chacha_crypt32_1core(struct chacha_ctx *ctx,
diff --git a/chacha-internal.h b/chacha-internal.h
index ef6a64a3..d298ab87 100644
--- a/chacha-internal.h
+++ b/chacha-internal.h
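Review bot: `_chacha_crypt_2core` carries no comment, and its correctness rests on a contract with the assembly routine that the hunk does not state: `_chacha_2core` is handed `ctx->state` once, so from the way the loop uses it the routine has to produce the second block with the counter in word 12 advanced by one on its own, while the 64-bit carry is only applied to the context afterwards on `ctx->state[13] += (ctx->state[12] < 2);` — confirm this against the asm. A header comment should also say that `x` holds two consecutive keystream blocks, that the loop is entered for any remaining length above one block so a trailing partial second block still consumes a counter value, and that the tail falls back to `_chacha_core` for the last block or less. Something like `/* Two blocks per iteration via _chacha_2core, which must form the second block with the counter (state[12], carry into state[13]) incremented internally; the context counter is advanced here, after the call. */` above the function would cover it. The same gap applies to `_chacha_crypt32_2core` in the next hunk, where the counter is a single 32-bit word and no carry is propagated.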
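Review bot: The unchanged `#if !HAVE_NATIVE_chacha_3core` guard that closes this hunk is not widened the way the 64-bit counterpart's was in the previous hunk, so in a 2core configuration `_chacha_crypt32_1core` is still compiled even though the macro block at the top of the file maps `chacha_crypt32` to `_chacha_crypt32_2core`. As far as the hunk shows this only leaves an unused internal function rather than a build error, but the two fallbacks should be guarded alike: `#if !(HAVE_NATIVE_chacha_3core || HAVE_NATIVE_chacha_2core)`, unless the 32-bit 1core variant is still referenced somewhere in a 2core build. The body of `_chacha_crypt32_1core` continues outside the hunk.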
@@ -40,6 +40,8 @@
 #include "chacha.h"
 
 #define _chacha_core _nettle_chacha_core
+#define _chacha_2core _nettle_chacha_2core
+#define _chacha_2core32 _nettle_chacha_2core32
 #define _chacha_3core _nettle_chacha_3core
 #define _chacha_3core32 _nettle_chacha_3core32
 #define _chacha_crypt_1core _nettle_chacha_crypt_1core
@@ -51,6 +53,12 @@ void
 _chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
 
 /* Functions available only in some configurations */
+void
+_chacha_2core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+
+void
+_chacha_2core32(uint32_t *dst, const uint32_t *src, unsigned rounds);
+
 void
 _chacha_3core(uint32_t *dst, const uint32_t *src, unsigned rounds);
 
diff --git a/configure.ac b/configure.ac
index 2a47f940..356d5bc4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -499,7 +499,7 @@ asm_replace_list="aes-encrypt-internal.asm aes-decrypt-internal.asm \
 # Assembler files which generate additional object files if they are used.
 asm_nettle_optional_list="gcm-hash8.asm cpuid.asm \
   aes-encrypt-internal-2.asm aes-decrypt-internal-2.asm memxor-2.asm \
-  chacha-3core.asm chacha-core-internal-2.asm salsa20-2core.asm \
+  chacha-2core.asm chacha-3core.asm chacha-core-internal-2.asm salsa20-2core.asm \
   salsa20-core-internal-2.asm sha1-compress-2.asm sha256-compress-2.asm \
   sha3-permute-2.asm sha512-compress-2.asm \
   umac-nh-n-2.asm umac-nh-2.asm"
@@ -607,6 +607,7 @@ AH_VERBATIM([HAVE_NATIVE],
 #undef HAVE_NATIVE_aes_decrypt
 #undef HAVE_NATIVE_aes_encrypt
 #undef HAVE_NATIVE_chacha_core
+#undef HAVE_NATIVE_chacha_2core
 #undef HAVE_NATIVE_chacha_3core
 #undef HAVE_NATIVE_fat_chacha_3core
 #undef HAVE_NATIVE_ecc_curve25519_modp
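Review bot: The new `_chacha_2core` and `_chacha_2core32` declarations say nothing about how large `dst` must be or how the two variants differ, while the only caller in this commit sizes its buffer as `2*_CHACHA_STATE_LENGTH` words and propagates a counter carry only for the non-32 variant. A comment on the declarations would pin down the contract the assembly has to honour, e.g. `/* Two consecutive blocks; dst must hold 2*_CHACHA_STATE_LENGTH words. The 32 variant treats the block counter as a single 32-bit word, so no carry into word 13 — confirm against the asm. */`. The existing `/* Functions available only in some configurations */` line could then be kept as the shared heading above both pairs.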