author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2023-01-04 16:11:39 +0200 |
committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2023-01-06 10:54:31 +0200 |
commit | 316c6d7715d931a0fbe3ebc4e20e6f4d77b716cb (patch) | |
tree | 0f02a66395297805661a913da532c66151a3f985 /src | |
parent | 30c9a1d101b45908a17c68fa50f4cdf9bd113792 (diff) | |
download | libgcrypt-316c6d7715d931a0fbe3ebc4e20e6f4d77b716cb.tar.gz |
Add ARIA block cipher
* cipher/Makefile.am: Add 'aria.c'.
* cipher/aria.c: New.
* cipher/cipher.c (cipher_list, cipher_list_algo301): Add ARIA cipher
specs.
* cipher/mac-cmac.c (map_mac_algo_to_cipher): Add GCRY_MAC_CMAC_ARIA.
(_gcry_mac_type_spec_cmac_aria): New.
* cipher/mac-gmac.c (map_mac_algo_to_cipher): Add GCRY_MAC_GMAC_ARIA.
(_gcry_mac_type_spec_gmac_aria): New.
* cipher/mac-internal.h (_gcry_mac_type_spec_cmac_aria)
(_gcry_mac_type_spec_gmac_aria)
(_gcry_mac_type_spec_poly1305mac_aria): New.
* cipher/mac-poly1305.c (poly1305mac_open): Add GCRY_MAC_GMAC_ARIA.
(_gcry_mac_type_spec_poly1305mac_aria): New.
* cipher/mac.c (mac_list, mac_list_algo201, mac_list_algo401)
(mac_list_algo501): Add ARIA MAC specs.
* configure.ac (available_ciphers): Add 'aria'.
(GCRYPT_CIPHERS): Add 'aria.lo'.
(USE_ARIA): New.
* doc/gcrypt.texi: Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192,
GCRY_CIPHER_ARIA256, GCRY_MAC_CMAC_ARIA, GCRY_MAC_GMAC_ARIA and
GCRY_MAC_POLY1305_ARIA.
* src/cipher.h (_gcry_cipher_spec_aria128, _gcry_cipher_spec_aria192)
(_gcry_cipher_spec_aria256): New.
* src/gcrypt.h.in (gcry_cipher_algos): Add GCRY_CIPHER_ARIA128,
GCRY_CIPHER_ARIA192 and GCRY_CIPHER_ARIA256.
(gcry_mac_algos): GCRY_MAC_CMAC_ARIA, GCRY_MAC_GMAC_ARIA and
GCRY_MAC_POLY1305_ARIA.
* tests/basic.c (check_ecb_cipher, check_ctr_cipher)
(check_cfb_cipher, check_ocb_cipher) [USE_ARIA]: Add ARIA test-vectors.
(check_ciphers) [USE_ARIA]: Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192
and GCRY_CIPHER_ARIA256.
(main): Also run 'check_bulk_cipher_modes' for 'cipher_modes_only'-mode.
* tests/bench-slope.c (bench_mac_init): Add GCRY_MAC_POLY1305_ARIA
setiv-handling.
* tests/benchmark.c (mac_bench): Likewise.
--
This patch adds the ARIA block cipher to libgcrypt. This implementation
is based on work by Taehee Yoo, with the following notable changes:
- Integration to libgcrypt, use of bithelp.h and bufhelp.h helper
functions where possible.
- Added lookup table prefetching as is done in AES, GCM and SM4
implementations.
- Changed `get_u8` to return `u32` as returning `byte` caused
sub-optimal code generation with gcc-12/x86-64 (zero extending
from 8-bit to 32-bit register, followed by extraneous sign
extending from 32-bit to 64-bit register).
- Changed 'aria_crypt' loop structure a bit for tiny performance
increase (~1% seen with gcc-12/x86-64/zen4).
Benchmark on AMD Ryzen 9 7900X (x86-64):
ARIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 3.99 ns/B 239.1 MiB/s 22.43 c/B 5625
ECB dec | 4.00 ns/B 238.4 MiB/s 22.50 c/B 5625
Benchmark on AMD Ryzen 9 7900X (win32):
ARIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 4.57 ns/B 208.7 MiB/s 25.31 c/B 5538
ECB dec | 4.66 ns/B 204.8 MiB/s 25.39 c/B 5453
Benchmark on ARM Cortex-A53 (aarch64):
ARIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 74.69 ns/B 12.77 MiB/s 48.40 c/B 647.9
ECB dec | 74.99 ns/B 12.72 MiB/s 48.58 c/B 647.9
Cc: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'src')
-rw-r--r-- | src/cipher.h | 3 | ||||
-rw-r--r-- | src/gcrypt.h.in | 10 |
2 files changed, 11 insertions, 2 deletions
diff --git a/src/cipher.h b/src/cipher.h
index 9b890aeb..95ed43d7 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -171,6 +171,9 @@ extern gcry_cipher_spec_t _gcry_cipher_spec_gost28147;
 extern gcry_cipher_spec_t _gcry_cipher_spec_gost28147_mesh;
 extern gcry_cipher_spec_t _gcry_cipher_spec_chacha20;
 extern gcry_cipher_spec_t _gcry_cipher_spec_sm4;
+extern gcry_cipher_spec_t _gcry_cipher_spec_aria128;
+extern gcry_cipher_spec_t _gcry_cipher_spec_aria192;
+extern gcry_cipher_spec_t _gcry_cipher_spec_aria256;
 
 /* Declarations for the digest specifications. */
 extern const gcry_md_spec_t _gcry_digest_spec_crc32;
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index 47d73339..aba22bfc 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -943,7 +943,10 @@ enum gcry_cipher_algos
 GCRY_CIPHER_GOST28147 = 315,
 GCRY_CIPHER_CHACHA20 = 316,
 GCRY_CIPHER_GOST28147_MESH = 317, /* With CryptoPro key meshing. */
- GCRY_CIPHER_SM4 = 318
+ GCRY_CIPHER_SM4 = 318,
+ GCRY_CIPHER_ARIA128 = 319,
+ GCRY_CIPHER_ARIA192 = 320,
+ GCRY_CIPHER_ARIA256 = 321
 };
 
 /* The Rijndael algorithm is basically AES, so provide some macros. */
@@ -1510,6 +1513,7 @@ enum gcry_mac_algos
 GCRY_MAC_CMAC_IDEA = 210,
 GCRY_MAC_CMAC_GOST28147 = 211,
 GCRY_MAC_CMAC_SM4 = 212,
+ GCRY_MAC_CMAC_ARIA = 213,
 
 GCRY_MAC_GMAC_AES = 401,
 GCRY_MAC_GMAC_CAMELLIA = 402,
@@ -1517,6 +1521,7 @@ enum gcry_mac_algos
 GCRY_MAC_GMAC_SERPENT = 404,
 GCRY_MAC_GMAC_SEED = 405,
 GCRY_MAC_GMAC_SM4 = 406,
+ GCRY_MAC_GMAC_ARIA = 407,
 
 GCRY_MAC_POLY1305 = 501,
 GCRY_MAC_POLY1305_AES = 502,
@@ -1524,7 +1529,8 @@ enum gcry_mac_algos
 GCRY_MAC_POLY1305_TWOFISH = 504,
 GCRY_MAC_POLY1305_SERPENT = 505,
 GCRY_MAC_POLY1305_SEED = 506,
- GCRY_MAC_POLY1305_SM4 = 507
+ GCRY_MAC_POLY1305_SM4 = 507,
+ GCRY_MAC_POLY1305_ARIA = 508
 };
 
 /* Flags used with the open function. */ |
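Review bot: The three new identifiers added to enum gcry_cipher_algos in src/gcrypt.h.in (GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192, GCRY_CIPHER_ARIA256) carry no comment saying how they differ, while the neighbouring GCRY_CIPHER_GOST28147_MESH line documents its variant inline. Since this is the public header that callers read, a short trailing comment on the first one, `GCRY_CIPHER_ARIA128 = 319, /* ARIA; the suffix is the key length in bits. */`, would state the convention without relying on the reader to infer it from the AES entries. The same applies to the CMAC/GMAC/Poly1305 MAC identifiers in the later hunks of the same file, though there the pattern is already established by the SM4 entries directly above each addition. The enum definitions themselves begin before each hunk.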