authorJussi Kivilinna <jussi.kivilinna@iki.fi>2022-01-05 16:46:58 +0200
committerJussi Kivilinna <jussi.kivilinna@iki.fi>2022-01-11 20:10:12 +0200
commit4e6f1ef5a00e15128e5f2398e2c282d31152d276 (patch)
treeb70c9ad25b3a18628c6e490eb2a8c9bb1c42c1a7 /cipher/cipher-gcm.c
parent859b6ac7fbdb6ec18d1536e14b9ee83c1add224e (diff)
Add armv8/pmull accelerated POLYVAL for GCM-SIV
* cipher/cipher-gcm-armv8-aarch32-ce.S (_gcry_polyval_armv8_ce_pmull): New. * cipher/cipher-gcm-armv8-aarch64-ce.S (_gcry_polyval_armv8_ce_pmull): New. * cipher/cipher-gcm.c (_gcry_polyval_armv8_ce_pmull) (polyval_armv8_ce_pmull): New. (setupM) [GCM_USE_ARM_PMULL]: Setup 'polyval_armv8_ce_pmull' as POLYVAL function. -- Benchmark on Cortex-A53 (aarch64): Before: AES | nanosecs/byte mebibytes/sec cycles/byte auto Mhz GCM-SIV auth | 1.74 ns/B 547.6 MiB/s 2.01 c/B 1152 After (76% faster): AES | nanosecs/byte mebibytes/sec cycles/byte auto Mhz GCM-SIV auth | 0.990 ns/B 963.2 MiB/s 1.14 c/B 1152 Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'cipher/cipher-gcm.c')
-rw-r--r--cipher/cipher-gcm.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index d3ed9cf6..a039c5e9 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -57,6 +57,11 @@ extern unsigned int _gcry_ghash_armv8_ce_pmull (void *gcm_key, byte *result,
const byte *buf, size_t nblocks,
void *gcm_table);
+extern unsigned int _gcry_polyval_armv8_ce_pmull (void *gcm_key, byte *result,
+ const byte *buf,
+ size_t nblocks,
+ void *gcm_table);
+
static void
ghash_setup_armv8_ce_pmull (gcry_cipher_hd_t c)
{
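Review bot: The added prototype for `_gcry_polyval_armv8_ce_pmull` has no comment stating its contract, and because it binds to an assembly routine the compiler cannot check argument order or types against the implementation. I would add a comment above it along the lines of `/* POLYVAL counterpart of _gcry_ghash_armv8_ce_pmull; same argument layout. */` and say what the `unsigned int` result means (presumably the stack depth to burn, as for the GHASH routine, but that is not visible here). If the routine only reads the key and table, `const void *` would document that, though the existing GHASH prototype also uses plain `void *`.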
@@ -71,6 +76,14 @@ ghash_armv8_ce_pmull (gcry_cipher_hd_t c, byte *result, const byte *buf,
return _gcry_ghash_armv8_ce_pmull(c->u_mode.gcm.u_ghash_key.key, result, buf,
nblocks, c->u_mode.gcm.gcm_table);
}
+
+static unsigned int
+polyval_armv8_ce_pmull (gcry_cipher_hd_t c, byte *result, const byte *buf,
+ size_t nblocks)
+{
+ return _gcry_polyval_armv8_ce_pmull(c->u_mode.gcm.u_ghash_key.key, result,
+ buf, nblocks, c->u_mode.gcm.gcm_table);
+}
#endif /* GCM_USE_ARM_PMULL */
#ifdef GCM_USE_ARM_NEON
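Review bot: `polyval_armv8_ce_pmull` passes the assembly routine the same `u_ghash_key.key` and `gcm_table` that the GHASH wrapper above it uses, but nothing states which key representation POLYVAL expects. POLYVAL and GHASH use different bit and byte conventions (RFC 8452), so a wrong assumption here would produce wrong authentication tags; whether the conversion is done by the caller or inside the assembly is not visible in this hunk. A comment on the wrapper would settle it, for example `/* Uses key and gcm_table as prepared for GHASH; POLYVAL byte order is handled in the assembly. */`, adjusted to what the assembly actually does.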
@@ -591,6 +604,7 @@ setupM (gcry_cipher_hd_t c)
else if (features & HWF_ARM_PMULL)
{
c->u_mode.gcm.ghash_fn = ghash_armv8_ce_pmull;
+ c->u_mode.gcm.polyval_fn = polyval_armv8_ce_pmull;
ghash_setup_armv8_ce_pmull (c);
}
#endif
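Review bot: `polyval_fn` is assigned only in the `HWF_ARM_PMULL` branch, and the hunk does not show what the field holds when another branch of `setupM` is taken, such as the `GCM_USE_ARM_NEON` path. Please confirm that `setupM` resets it to `NULL` before the feature checks and that GCM-SIV callers test for `NULL`, then record it with a comment such as `/* polyval_fn stays NULL on paths without a POLYVAL implementation; callers fall back to the generic code. */` if that is the case. Since tag correctness now depends on new assembly, the GCM-SIV test vectors should be run both with this path and with PMULL disabled. `setupM` starts and ends outside the hunk.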