* build-aux/ltmain.hs: Update from libgpg-error.
--
GnuPG-bug-id: 6484
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests/Makefile.am [HAVE_W32_SYSTEM] (AM_LDFLAGS): Conditionalize.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* random/rndw32.c (init_system_rng): Add (void *).
(slow_gatherer): Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* build-aux/db2any: Update copyright notice.
* cipher/arcfour.c, cipher/blowfish.c, cipher/cast5.c: Likewise.
* cipher/crc-armv8-ce.c, cipher/crc-intel-pclmul.c: Likewise.
* cipher/crc-ppc.c, cipher/crc.c, cipher/des.c: Likewise.
* cipher/md2.c, cipher/md4.c, cipher/md5.c: Likewise.
* cipher/primegen.c, cipher/rfc2268.c, cipher/rmd160.c: Likewise.
* cipher/seed.c, cipher/serpent.c, cipher/tiger.c: Likewise.
* cipher/twofish.c: Likewise.
* mpi/alpha/mpih-add1.S, mpi/alpha/mpih-lshift.S: Likewise.
* mpi/alpha/mpih-mul1.S, mpi/alpha/mpih-mul2.S: Likewise.
* mpi/alpha/mpih-mul3.S, mpi/alpha/mpih-rshift.S: Likewise.
* mpi/alpha/mpih-sub1.S, mpi/alpha/udiv-qrnnd.S: Likewise.
* mpi/amd64/mpih-add1.S, mpi/amd64/mpih-lshift.S: Likewise.
* mpi/amd64/mpih-mul1.S, mpi/amd64/mpih-mul2.S: Likewise.
* mpi/amd64/mpih-mul3.S, mpi/amd64/mpih-rshift.S: Likewise.
* mpi/amd64/mpih-sub1.S, mpi/config.links: Likewise.
* mpi/generic/mpih-add1.c, mpi/generic/mpih-lshift.c: Likewise.
* mpi/generic/mpih-mul1.c, mpi/generic/mpih-mul2.c: Likewise.
* mpi/generic/mpih-mul3.c, mpi/generic/mpih-rshift.c: Likewise.
* mpi/generic/mpih-sub1.c, mpi/generic/udiv-w-sdiv.c: Likewise.
* mpi/hppa/mpih-add1.S, mpi/hppa/mpih-lshift.S: Likewise.
* mpi/hppa/mpih-rshift.S, mpi/hppa/mpih-sub1.S: Likewise.
* mpi/hppa/udiv-qrnnd.S, mpi/hppa1.1/mpih-mul1.S: Likewise.
* mpi/hppa1.1/mpih-mul2.S, mpi/hppa1.1/mpih-mul3.S: Likewise.
* mpi/hppa1.1/udiv-qrnnd.S, mpi/i386/mpih-add1.S: Likewise.
* mpi/i386/mpih-lshift.S, mpi/i386/mpih-mul1.S: Likewise.
* mpi/i386/mpih-mul2.S, mpi/i386/mpih-mul3.S: Likewise.
* mpi/i386/mpih-rshift.S, mpi/i386/mpih-sub1.S: Likewise.
* mpi/i386/syntax.h, mpi/longlong.h: Likewise.
* mpi/m68k/mc68020/mpih-mul1.S, mpi/m68k/mc68020/mpih-mul2.S: Likewise.
* mpi/m68k/mc68020/mpih-mul3.S, mpi/m68k/mpih-add1.S: Likewise.
* mpi/m68k/mpih-lshift.S, mpi/m68k/mpih-rshift.S: Likewise.
* mpi/m68k/mpih-sub1.S, mpi/m68k/syntax.h: Likewise.
* mpi/mips3/mpih-add1.S, mpi/mips3/mpih-lshift.S: Likewise.
* mpi/mips3/mpih-mul1.S, mpi/mips3/mpih-mul2.S: Likewise.
* mpi/mips3/mpih-mul3.S, mpi/mips3/mpih-rshift.S: Likewise.
* mpi/mips3/mpih-sub1.S, mpi/mpi-add.c: Likewise.
* mpi/mpi-bit.c, mpi/mpi-cmp.c, mpi/mpi-div.c: Likewise.
* mpi/mpi-gcd.c, mpi/mpi-inline.c, mpi/mpi-inline.h: Likewise.
* mpi/mpi-internal.h, mpi/mpi-mpow.c, mpi/mpi-mul.c: Likewise.
* mpi/mpi-scan.c, mpi/mpih-div.c, mpi/mpih-mul.c: Likewise.
* mpi/pa7100/mpih-lshift.S, mpi/pa7100/mpih-rshift.S: Likewise.
* mpi/power/mpih-add1.S, mpi/power/mpih-lshift.S: Likewise.
* mpi/power/mpih-mul1.S, mpi/power/mpih-mul2.S: Likewise.
* mpi/power/mpih-mul3.S, mpi/power/mpih-rshift.S: Likewise.
* mpi/power/mpih-sub1.S, mpi/powerpc32/mpih-add1.S: Likewise.
* mpi/powerpc32/mpih-lshift.S, mpi/powerpc32/mpih-mul1.S: Likewise.
* mpi/powerpc32/mpih-mul2.S, mpi/powerpc32/mpih-mul3.S: Likewise.
* mpi/powerpc32/mpih-rshift.S, mpi/powerpc32/mpih-sub1.S: Likewise.
* mpi/powerpc32/syntax.h, mpi/sparc32/mpih-add1.S: Likewise.
* mpi/sparc32/mpih-lshift.S, mpi/sparc32/mpih-rshift.S: Likewise.
* mpi/sparc32/udiv.S, mpi/sparc32v8/mpih-mul1.S: Likewise.
* mpi/sparc32v8/mpih-mul2.S, mpi/sparc32v8/mpih-mul3.S: Likewise.
* mpi/supersparc/udiv.S: Likewise.
* random/random.h, random/rndegd.c: Likewise.
* src/cipher.h, src/libgcrypt.def, src/libgcrypt.vers: Likewise.
* src/missing-string.c, src/mpi.h, src/secmem.h: Likewise.
* src/stdmem.h, src/types.h: Likewise.
* tests/aeswrap.c, tests/curves.c, tests/hmac.c: Likewise.
* tests/keygrip.c, tests/prime.c, tests/random.c: Likewise.
* tests/t-kdf.c, tests/testapi.c: Likewise.
--
GnuPG-bug-id: 6271
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* acinclude.m4: Use URL and add SPDX identifier.
* m4/noexecstack.m4: Likewise.
* Makefile.am: Likewise.
* doc/Makefile.am: Likewise.
* mpi/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
--
Taken from:
https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
https://www.gnu.org/licenses/old-licenses/gpl-2.0.texi
https://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt
https://www.gnu.org/licenses/old-licenses/lgpl-2.1.texi
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* mpi/mpi-bit.c (_gcry_mpi_rshift): Refactor so that _gcry_mpih_rshift
is used to do the copying along with shifting when copying is needed
and refactor so that same code-path is used for both in-place and
copying operation.
(_gcry_mpi_lshift): Refactor so that _gcry_mpih_lshift is used to do
the copying along with shifting when copying is needed and refactor
so that same code-path is used for both in-place and copying operation.
--
Benchmark on AMD Ryzen 9 7900X:
Before:
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
rshift3 | 0.039 ns/B 24662 MiB/s 0.182 c/B 4700
lshift3 | 0.108 ns/B 8832 MiB/s 0.508 c/B 4700
rshift65 | 0.137 ns/B 6968 MiB/s 0.643 c/B 4700
lshift65 | 0.109 ns/B 8776 MiB/s 0.511 c/B 4700
After:
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
rshift3 | 0.038 ns/B 25049 MiB/s 0.179 c/B 4700
lshift3 | 0.039 ns/B 24709 MiB/s 0.181 c/B 4700
rshift65 | 0.038 ns/B 24942 MiB/s 0.180 c/B 4700
lshift65 | 0.040 ns/B 23671 MiB/s 0.189 c/B 4700
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* mpi/amd64/mpih-add1.S (_gcry_mpih_add_n): New implementation
with 4x unrolled fast-path loop.
* mpi/amd64/mpih-sub1.S (_gcry_mpih_sub_n): Likewise.
--
Benchmark on AMD Ryzen 9 7900X:
Before:
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
add | 0.035 ns/B 27559 MiB/s 0.163 c/B 4700
sub | 0.034 ns/B 28332 MiB/s 0.158 c/B 4700
After (~26% faster):
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
add | 0.027 ns/B 35271 MiB/s 0.127 c/B 4700
sub | 0.027 ns/B 35206 MiB/s 0.127 c/B 4700
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* mpi/amd64/mpih-lshift.S: Use 'movq' instead of 'movd' for moving
value to %rax.
* mpi/amd64/mpih-rshift.S: Likewise.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* mpi/mpi-add.c (_gcry_mpi_add): Rename function...
(_gcry_mpi_add_inv_sign): ... to this and add parameter for inverting
sign of second operand.
(_gcry_mpi_add): New.
(_gcry_mpi_sub): Remove mpi_copy and instead use new
'_gcry_mpi_add_inv_sign' function with inverted sign for second
operand.
--
Benchmark on AMD Ryzen 9 7900X:
Before:
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
add | 0.052 ns/B 18301 MiB/s 0.287 c/B 5500
sub | 0.098 ns/B 9768 MiB/s 0.537 c/B 5500
After:
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
add | 0.030 ns/B 31771 MiB/s 0.165 c/B 5500
sub | 0.031 ns/B 31187 MiB/s 0.168 c/B 5500
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tests/bench-slope.c (MPI_START_SIZE, MPI_END_SIZE, MPI_STEP_SIZE)
(MPI_NUM_STEPS, bench_mpi_test, mpi_test_names, bench_mpi_mode)
(bench_mpi_hd, bench_mpi_init, bench_mpi_fre, bench_mpi_do_bench)
(mpi_ops, mpi_modes, mpi_bench_one, _mpi_bench, mpi_match_test)
(mpi_bench): New.
(print_help): Add mention of 'mpi'.
(main): Add "mpi" tests.
--
Patch adds MPI operation benchmarking for bench-slope:
$ tests/bench-slope --cpu-mhz auto mpi
MPI:
| nanosecs/byte mebibytes/sec cycles/byte auto Mhz
add | 0.054 ns/B 17580 MiB/s 0.298 c/B 5500
sub | 0.083 ns/B 11432 MiB/s 0.459 c/B 5500
rshift3 | 0.033 ns/B 28862 MiB/s 0.182 c/B 5499
lshift3 | 0.093 ns/B 10256 MiB/s 0.511 c/B 5500
rshift65 | 0.096 ns/B 9888 MiB/s 0.530 c/B 5500
lshift65 | 0.093 ns/B 10228 MiB/s 0.513 c/B 5500
mul4 | 0.074 ns/B 12825 MiB/s 0.409 c/B 5500
mul8 | 0.072 ns/B 13313 MiB/s 0.394 c/B 5500
mul16 | 0.148 ns/B 6450 MiB/s 0.813 c/B 5500
mul32 | 0.299 ns/B 3191 MiB/s 1.64 c/B 5500
div4 | 0.458 ns/B 2080 MiB/s 2.52 c/B 5500
div8 | 0.458 ns/B 2084 MiB/s 2.52 c/B 5500
div16 | 0.602 ns/B 1584 MiB/s 3.31 c/B 5500
div32 | 0.926 ns/B 1030 MiB/s 5.09 c/B 5500
mod4 | 0.443 ns/B 2151 MiB/s 2.44 c/B 5500
mod8 | 0.443 ns/B 2152 MiB/s 2.44 c/B 5500
mod16 | 0.600 ns/B 1590 MiB/s 3.30 c/B 5500
mod32 | 0.924 ns/B 1032 MiB/s 5.08 c/B 5500
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/cipher.c (cipher_setkey): Restore weak-key error-code
in case mode specific setkey returned success for the return code.
--
GnuPG-bug-id: 6451
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* doc/gcrypt.texi: Add 'GCRYCTL_SET_ALLOW_WEAK_KEY' under
'gcry_cipher_ctl'.
--
GnuPG-bug-id: 6451
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/cipher.c (cipher_setkey): Do not reset RC.
--
This reverts commit 30840c2c45d718e0fd93cfd40771fbefa50e31f5.
GnuPG-bug-id: 6451
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/cipher.c (cipher_setkey): Reset RC.
--
GnuPG-bug-id: 6451
* random/rndgetentropy.c (_gcry_rndgetentropy_gather_random)
[GRND_RANDOM]: Conditionalize the use of getrandom, as it's
not a portable function.
--
Fixes-commit: aab1d63e4def41593312f76de016c885ffafecde
GnuPG-bug-id: 6442
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher/cipher-poly1305.c (_gcry_cipher_poly1305_encrypt)
(_gcry_cipher_poly1305_decrypt) [USE_CHACHA20]: Conditionalize.
--
GnuPG-bug-id: 6384
Reported-by: Andrew Collier
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher/cipher-gcm-ppc.c (_gcry_ghash_ppc_vpmsum): Increment
'buf' pointer right after use; Use 'for' loop for inner 4-blocks
loop to allow compiler to better optimize loop.
--
Benchmark on POWER9:
Before:
| nanosecs/byte mebibytes/sec cycles/byte
GMAC_AES | 0.226 ns/B 4211 MiB/s 0.521 c/B
After:
| nanosecs/byte mebibytes/sec cycles/byte
GMAC_AES | 0.224 ns/B 4251 MiB/s 0.516 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
--
GnuPG-bug-id: 6435
* cipher/Makefile.am [ENABLE_O_FLAG_MUNGING]: Support -Oz.
* random/Makefile.am [ENABLE_O_FLAG_MUNGING]: Support -Oz.
--
GnuPG-bug-id: 6432
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* m4/gpg-error.m4: Update from libgpg-error master.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* src/fips.c (_gcry_fips_indicator_pk_flags): List more allowed strings
in the S-expression.
* doc/gcrypt.texi: Add document for the FIPS service indicator
GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS with example.
--
GnuPG-bug-id: 6417
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* m4/gpg-error.m4: Update from libgpg-error master.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher/camellia-simd128.h (rol32_1_16): Use vpsrlb128 for uint8
right shift by 7 if available.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/camellia-aesni-avx2-amd64.h (IF_GFNI, IF_NOT_GFNI): New.
[CAMELLIA_GFNI_BUILD] (rol32_1_32): Add GFNI variant which uses
vgf2p8affineqb for uint8 right shift by 7.
(fls32): Load 'right shift by 7' bit-matrix on GFNI build.
[CAMELLIA_GFNI_BUILD] (.Lright_shift_by_7): New.
* cipher/camellia-gfni-avx512-amd64.S (clear_regs): Don't clear %k1.
(rol32_1_64): Use vgf2p8affineqb for uint8 right shift by 7.
(fls64): Adjust for rol32_1_64 changes.
(.Lbyte_ones): Remove.
(.Lright_shift_by_7): New.
(_gcry_camellia_gfni_avx512_ctr_enc): Clear %k1 after use.
--
Benchmark on Intel Core i3-1115G4:
Before:
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 0.194 ns/B 4920 MiB/s 0.794 c/B 4096±4
ECB dec | 0.194 ns/B 4916 MiB/s 0.793 c/B 4089
After (~1.7% faster):
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 0.190 ns/B 5008 MiB/s 0.780 c/B 4096±3
ECB dec | 0.191 ns/B 5002 MiB/s 0.781 c/B 4096±3
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tests/basic.c (check_digests): Check the FIPS indicators.
(check_mac): Ditto.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* src/fips.c (_gcry_fips_indicator_function): Mark using random
override non-approved in FIPS mode.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* src/fips.c (_gcry_fips_indicator_pk_flags): New function for explicit
FIPS indicator for public key algorithm flags.
* src/g10lib.h (_gcry_fips_indicator_pk_flags): New.
* src/gcrypt.h.in (GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS): New.
* src/global.c (_gcry_vcontrol): Handle the new option.
* doc/gcrypt.texi: Document new options.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* doc/gcrypt.texi: Document the new options for FIPS indicators.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* cipher/mac-hmac.c (_gcry_mac_type_spec_hmac_md5): Allow in fips mode.
* cipher/md5.c (_gcry_digest_spec_md5): Allow in fips mode.
--
GnuPG-bug-id: 6376
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
* src/fips.c (_gcry_fips_indicator_mac): New function indicating
non-approved mac algorithms.
(_gcry_fips_indicator_md): New function indicating non-approved
message digest algorithms.
* src/g10lib.h (_gcry_fips_indicator_mac): New function.
(_gcry_fips_indicator_md): Ditto.
* src/gcrypt.h.in (enum gcry_ctl_cmds): New symbols,
GCRYCTL_FIPS_SERVICE_INDICATOR_MAC and
GCRYCTL_FIPS_SERVICE_INDICATOR_MD.
* src/global.c (_gcry_vcontrol): Handle new FIPS indicators.
--
GnuPG-bug-id: 6376
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
* cipher/kdf.c (check_one): Run selftests for more approved parameters
and check that wrong parameters correctly fail in FIPS mode.
--
Fixes-commit: 535a4d345872aa2cd2ab3a5f9c4411d0a0313328
GnuPG-bug-id: 5512
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* src/fips.c (get_file_offset): Check return value of ftell to be able
to detect errors.
--
Originally reported by coverity.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* random/random-drbg.c (global): Remove unused SHA384-based defines.
(drbg_cores): Remove SHA384 configurations.
(drbg_sec_strength): Remove unused SHA384.
--
These are no longer allowed by FIPS and it looks like they were never
usable as they do not have any conversion from the string flags.
GnuPG-bug-id: 6393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* src/visibility.c (gcry_pk_hash_sign): Check fips status before
calling the operation itself.
(gcry_pk_hash_verify): Ditto.
--
GnuPG-bug-id: 6396
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* cipher/ecc.c (test_keys_fips): Replace calls to log_fatal with
return code on error.
(ecc_generate): Signal error when PCT fails in FIPS mode.
--
GnuPG-bug-id: 6397
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* cipher/ecc.c (ecc_generate): Do not allow skipping PCT tests
in FIPS mode.
--
The new FIPS specification requires to run the PCT without any
exceptions.
GnuPG-bug-id: 6394
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* cipher/rijndael-ppc.c (_gcry_aes_sbox4_ppc8): Remove.
(bcast_u32_to_vec, u32_from_vec): New.
(_gcry_aes_ppc8_setkey): Use vectors for round key calculation
variables.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/Makefile.am: Add 'sm4-ppc.c'.
* cipher/sm4-ppc.c: New.
* cipher/sm4.c (USE_PPC_CRYPTO): New.
(SM4_context): Add 'use_ppc8le' and 'use_ppc9le'.
[USE_PPC_CRYPTO] (_gcry_sm4_ppc8le_crypt_blk1_16)
(_gcry_sm4_ppc9le_crypt_blk1_16, sm4_ppc8le_crypt_blk1_16)
(sm4_ppc9le_crypt_blk1_16): New.
(sm4_setkey) [USE_PPC_CRYPTO]: Set use_ppc8le and use_ppc9le
based on HW features.
(sm4_get_crypt_blk1_16_fn) [USE_PPC_CRYPTO]: Add PowerPC
implementation selection.
--
Benchmark on POWER9:
Before:
SM4 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 14.47 ns/B 65.89 MiB/s 33.29 c/B
ECB dec | 14.47 ns/B 65.89 MiB/s 33.29 c/B
CBC enc | 35.09 ns/B 27.18 MiB/s 80.71 c/B
CBC dec | 16.69 ns/B 57.13 MiB/s 38.39 c/B
CFB enc | 35.09 ns/B 27.18 MiB/s 80.71 c/B
CFB dec | 16.76 ns/B 56.90 MiB/s 38.55 c/B
CTR enc | 16.88 ns/B 56.50 MiB/s 38.82 c/B
CTR dec | 16.88 ns/B 56.50 MiB/s 38.82 c/B
After (ECB ~4.4x faster):
SM4 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 3.26 ns/B 292.3 MiB/s 7.50 c/B
ECB dec | 3.26 ns/B 292.3 MiB/s 7.50 c/B
CBC enc | 35.10 ns/B 27.17 MiB/s 80.72 c/B
CBC dec | 3.33 ns/B 286.3 MiB/s 7.66 c/B
CFB enc | 35.10 ns/B 27.17 MiB/s 80.74 c/B
CFB dec | 3.36 ns/B 283.8 MiB/s 7.73 c/B
CTR enc | 3.47 ns/B 275.0 MiB/s 7.98 c/B
CTR dec | 3.47 ns/B 275.0 MiB/s 7.98 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/camellia-simd128.h (if_vpsrlb128)
(if_not_vpsrlb128): New.
(filter_8bit): Use 'vpsrlb128' when available on target
architecture (PowerPC and AArch64).
--
Benchmark on POWER9:
Before:
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 3.26 ns/B 292.8 MiB/s 7.49 c/B
ECB dec | 3.29 ns/B 290.0 MiB/s 7.56 c/B
After (~2% faster):
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 3.16 ns/B 301.4 MiB/s 7.28 c/B
ECB dec | 3.19 ns/B 298.7 MiB/s 7.34 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/chacha20-ppc.c (HAVE_FUNC_ATTR_TARGET): New.
(_gcry_chacha20_ppc9_blocks1, _gcry_chacha20_ppc9_blocks4)
(_gcry_chacha20_poly1305_ppc8_blocks4): Use inline functions
only if HAVE_FUNC_ATTR_TARGET is defined.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/chacha20-ppc.c (chacha20_ppc_blocks1)
(chacha20_ppc_blocks4, chacha20_poly1305_ppc_blocks4): Move
'ASM_FUNC_ATTR_INLINE' right after 'static'.
* cipher/sha256-ppc.c (sha256_transform_ppc): Likewise.
* cipher/sha512-ppc.c (sha512_transform_ppc): Likewise.
--
Patch fixes these GCC warnings in PowerPC implementations:
warning: 'inline' is not at beginning of declaration [-Wold-style-declaration]
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* configure.ac (gcry_cv_gcc_attribute_ppc_target)
(gcry_cv_clang_attribute_ppc_target): Add 'always_inline'
function to test.
--
With some CFLAG combinations, the target attribute fails to work with
always_inline functions. Patch adds detection for such configuration
and disables target attribute use in such case (and suffers less
optimal code generation).
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/Makefile.am: Add 'camellia-aarch64-ce.(c|o|lo)'.
(aarch64_neon_cflags): New.
* cipher/camellia-aarch64-ce.c: New.
* cipher/camellia-glue.c (USE_AARCH64_CE): New.
(CAMELLIA_context): Add 'use_aarch64ce'.
(_gcry_camellia_aarch64ce_encrypt_blk16)
(_gcry_camellia_aarch64ce_decrypt_blk16)
(_gcry_camellia_aarch64ce_keygen, camellia_aarch64ce_enc_blk16)
(camellia_aarch64ce_dec_blk16, aarch64ce_burn_stack_depth): New.
(camellia_setkey) [USE_AARCH64_CE]: Set use_aarch64ce if HW has
HWF_ARM_AES; Use AArch64/CE key generation if supported by HW.
(camellia_encrypt_blk1_32, camellia_decrypt_blk1_32)
[USE_AARCH64_CE]: Add AArch64/CE code path.
--
Patch enables 128-bit vector intrinsics implementation of Camellia
cipher for AArch64.
Benchmark on AWS Graviton2:
Before:
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 5.99 ns/B 159.2 MiB/s 14.97 c/B 2500
ECB dec | 5.99 ns/B 159.1 MiB/s 14.98 c/B 2500
CBC enc | 6.16 ns/B 154.7 MiB/s 15.41 c/B 2500
CBC dec | 6.12 ns/B 155.8 MiB/s 15.29 c/B 2499
CFB enc | 6.49 ns/B 147.0 MiB/s 16.21 c/B 2500
CFB dec | 6.05 ns/B 157.6 MiB/s 15.13 c/B 2500
CTR enc | 6.09 ns/B 156.7 MiB/s 15.22 c/B 2500
CTR dec | 6.09 ns/B 156.6 MiB/s 15.22 c/B 2500
XTS enc | 6.16 ns/B 154.9 MiB/s 15.39 c/B 2500
XTS dec | 6.16 ns/B 154.8 MiB/s 15.40 c/B 2499
GCM enc | 6.31 ns/B 151.1 MiB/s 15.78 c/B 2500
GCM dec | 6.31 ns/B 151.1 MiB/s 15.78 c/B 2500
GCM auth | 0.206 ns/B 4635 MiB/s 0.514 c/B 2500
OCB enc | 6.63 ns/B 143.9 MiB/s 16.57 c/B 2499
OCB dec | 6.63 ns/B 143.9 MiB/s 16.56 c/B 2499
OCB auth | 6.55 ns/B 145.7 MiB/s 16.37 c/B 2499
After (ecb ~2.1x faster):
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 2.77 ns/B 344.2 MiB/s 6.93 c/B 2499
ECB dec | 2.76 ns/B 345.3 MiB/s 6.90 c/B 2499
CBC enc | 6.17 ns/B 154.7 MiB/s 15.41 c/B 2499
CBC dec | 2.89 ns/B 330.3 MiB/s 7.22 c/B 2500
CFB enc | 6.48 ns/B 147.1 MiB/s 16.21 c/B 2499
CFB dec | 2.84 ns/B 336.1 MiB/s 7.09 c/B 2499
CTR enc | 2.90 ns/B 328.8 MiB/s 7.25 c/B 2499
CTR dec | 2.90 ns/B 328.9 MiB/s 7.25 c/B 2500
XTS enc | 2.93 ns/B 325.3 MiB/s 7.33 c/B 2500
XTS dec | 2.92 ns/B 326.2 MiB/s 7.31 c/B 2500
GCM enc | 3.10 ns/B 307.2 MiB/s 7.76 c/B 2500
GCM dec | 3.10 ns/B 307.2 MiB/s 7.76 c/B 2499
GCM auth | 0.206 ns/B 4635 MiB/s 0.514 c/B 2500
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/Makefile.am: Add 'camellia-simd128.h',
'camellia-ppc8le.c' and 'camellia-ppc9le.c'.
* cipher/camellia-glue.c (USE_PPC_CRYPTO): New.
(CAMELLIA_context) [USE_PPC_CRYPTO]: Add 'use_ppc', 'use_ppc8'
and 'use_ppc9'.
[USE_PPC_CRYPTO] (_gcry_camellia_ppc8_encrypt_blk16)
(_gcry_camellia_ppc8_decrypt_blk16, _gcry_camellia_ppc8_keygen)
(_gcry_camellia_ppc9_encrypt_blk16)
(_gcry_camellia_ppc9_decrypt_blk16, _gcry_camellia_ppc9_keygen)
(camellia_ppc_enc_blk16, camellia_ppc_dec_blk16)
(ppc_burn_stack_depth): New.
(camellia_setkey) [USE_PPC_CRYPTO]: Setup 'use_ppc', 'use_ppc8'
and 'use_ppc9' and use PPC key-generation if HWF is available.
(camellia_encrypt_blk1_32)
(camellia_decrypt_blk1_32) [USE_PPC_CRYPTO]: Add 'use_ppc' paths.
(_gcry_camellia_ocb_crypt, _gcry_camellia_ocb_auth): Enable
generic bulk path when USE_PPC_CRYPTO is defined.
* cipher/camellia-ppc8le.c: New.
* cipher/camellia-ppc9le.c: New.
* cipher/camellia-simd128.h: New.
* configure.ac: Add 'camellia-ppc8le.lo' and 'camellia-ppc9le.lo'.
--
Patch adds 128-bit vector intrinsics implementation of Camellia
cipher and enables implementation for POWER8 and POWER9.
Benchmark on POWER9:
Before:
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 13.45 ns/B 70.90 MiB/s 30.94 c/B
ECB dec | 13.45 ns/B 70.92 MiB/s 30.93 c/B
CBC enc | 15.22 ns/B 62.66 MiB/s 35.00 c/B
CBC dec | 13.54 ns/B 70.41 MiB/s 31.15 c/B
CFB enc | 15.24 ns/B 62.59 MiB/s 35.04 c/B
CFB dec | 13.53 ns/B 70.48 MiB/s 31.12 c/B
CTR enc | 13.60 ns/B 70.15 MiB/s 31.27 c/B
CTR dec | 13.62 ns/B 70.02 MiB/s 31.33 c/B
XTS enc | 13.67 ns/B 69.74 MiB/s 31.45 c/B
XTS dec | 13.74 ns/B 69.41 MiB/s 31.60 c/B
GCM enc | 18.18 ns/B 52.45 MiB/s 41.82 c/B
GCM dec | 17.76 ns/B 53.69 MiB/s 40.86 c/B
GCM auth | 4.12 ns/B 231.7 MiB/s 9.47 c/B
OCB enc | 14.40 ns/B 66.22 MiB/s 33.12 c/B
OCB dec | 14.40 ns/B 66.23 MiB/s 33.12 c/B
OCB auth | 14.37 ns/B 66.37 MiB/s 33.05 c/B
After (ECB ~4.1x faster):
CAMELLIA128 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 3.25 ns/B 293.7 MiB/s 7.47 c/B
ECB dec | 3.25 ns/B 293.4 MiB/s 7.48 c/B
CBC enc | 15.22 ns/B 62.68 MiB/s 35.00 c/B
CBC dec | 3.36 ns/B 284.1 MiB/s 7.72 c/B
CFB enc | 15.25 ns/B 62.55 MiB/s 35.07 c/B
CFB dec | 3.36 ns/B 284.0 MiB/s 7.72 c/B
CTR enc | 3.47 ns/B 275.1 MiB/s 7.97 c/B
CTR dec | 3.47 ns/B 275.1 MiB/s 7.97 c/B
XTS enc | 3.54 ns/B 269.0 MiB/s 8.15 c/B
XTS dec | 3.54 ns/B 269.6 MiB/s 8.14 c/B
GCM enc | 3.69 ns/B 258.2 MiB/s 8.49 c/B
GCM dec | 3.69 ns/B 258.2 MiB/s 8.50 c/B
GCM auth | 0.226 ns/B 4220 MiB/s 0.520 c/B
OCB enc | 3.81 ns/B 250.2 MiB/s 8.77 c/B
OCB dec | 4.08 ns/B 233.8 MiB/s 9.38 c/B
OCB auth | 3.53 ns/B 270.0 MiB/s 8.12 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/rijndael-vaes-avx2-amd64.S
(_gcry_vaes_avx2_xts_crypt_amd64): On fast exit path, compare
number of blocks left against '1' instead of '0' as following
branch is 'less than'.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* configure.ac (gcry_cv_clang_attribute_ppc_target): New.
* cipher/chacha20-ppc.c [HAVE_CLANG_ATTRIBUTE_PPC_TARGET]
(FUNC_ATTR_TARGET_P8, FUNC_ATTR_TARGET_P9): New.
* cipher/rijndael-ppc.c [HAVE_CLANG_ATTRIBUTE_PPC_TARGET]
(FPC_OPT_ATTR): New.
* cipher/rijndael-ppc9le.c [HAVE_CLANG_ATTRIBUTE_PPC_TARGET]
(FPC_OPT_ATTR): New.
* cipher/sha256-ppc.c [HAVE_CLANG_ATTRIBUTE_PPC_TARGET]
(FUNC_ATTR_TARGET_P8, FUNC_ATTR_TARGET_P9): New.
* cipher/sha512-ppc.c [HAVE_CLANG_ATTRIBUTE_PPC_TARGET]
(FUNC_ATTR_TARGET_P8, FUNC_ATTR_TARGET_P9): New.
(ror64): Remove unused function.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/chacha20-ppc.c (_gcry_chacha20_ppc8_blocks1): Rename to...
(chacha20_ppc_blocks1): ...this; Add 'always inline' attribute.
(_gcry_chacha20_ppc8_blocks4): Rename to...
(chacha20_ppc_blocks4): ...this; Add 'always inline' attribute.
(_gcry_chacha20_poly1305_ppc8_blocks4): Rename to...
(chacha20_poly1305_ppc_blocks4): ...this; Add 'always inline'
attribute.
(FUNC_ATTR_OPT_O2, FUNC_ATTR_TARGET_P8, FUNC_ATTR_TARGET_P9): New.
(_gcry_chacha20_ppc8_blocks1, _gcry_chacha20_ppc8_blocks4)
(_gcry_chacha20_poly1305_ppc8_blocks4): New.
(_gcry_chacha20_ppc9_blocks1, _gcry_chacha20_ppc9_blocks4)
(_gcry_chacha20_poly1305_ppc9_blocks4): New.
* cipher/chacha20.c (CHACHA20_context_t): Add 'use_p9'.
(_gcry_chacha20_ppc9_blocks1, _gcry_chacha20_ppc9_blocks4)
(_gcry_chacha20_poly1305_ppc9_blocks4): New.
(chacha20_do_setkey): Set 'use_p9' if HW has HWF_PPC_ARCH_3_00.
(chacha20_blocks, do_chacha20_encrypt_stream_tail)
(_gcry_chacha20_poly1305_encrypt)
(_gcry_chacha20_poly1305_decrypt) [USE_PPC_VEC]: Add 'use_p9' paths.
--
This change makes sure that chacha20-ppc gets compiled
with proper optimization level and right target setting.
Benchmark on POWER9:
CHACHA20 | nanosecs/byte mebibytes/sec cycles/byte
STREAM enc | 1.11 ns/B 856.0 MiB/s 2.56 c/B
STREAM dec | 1.11 ns/B 856.0 MiB/s 2.56 c/B
POLY1305 enc | 1.57 ns/B 606.2 MiB/s 3.62 c/B
POLY1305 dec | 1.56 ns/B 610.4 MiB/s 3.59 c/B
POLY1305 auth | 0.876 ns/B 1089 MiB/s 2.02 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/rijndael-ppc-functions.h: Add PPC_OPT_ATTR attribute
macro for all functions.
* cipher/rijndael-ppc.c (FUNC_ATTR_OPT, PPC_OPT_ATTR): New.
(_gcry_aes_ppc8_setkey, _gcry_aes_ppc8_prepare_decryption): Add
PPC_OPT_ATTR attribute macro.
* cipher/rijndael-ppc9le.c (FUNC_ATTR_OPT, PPC_OPT_ATTR): New.
--
This change makes sure that PPC accelerated AES gets compiled
with proper optimization level and right target setting.
Benchmark on POWER9:
AES | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 0.305 ns/B 3129 MiB/s 0.701 c/B
ECB dec | 0.305 ns/B 3127 MiB/s 0.701 c/B
CBC enc | 1.66 ns/B 575.3 MiB/s 3.81 c/B
CBC dec | 0.318 ns/B 2997 MiB/s 0.732 c/B
CFB enc | 1.66 ns/B 574.7 MiB/s 3.82 c/B
CFB dec | 0.319 ns/B 2987 MiB/s 0.734 c/B
OFB enc | 2.15 ns/B 443.4 MiB/s 4.95 c/B
OFB dec | 2.15 ns/B 443.3 MiB/s 4.95 c/B
CTR enc | 0.328 ns/B 2907 MiB/s 0.754 c/B
CTR dec | 0.328 ns/B 2906 MiB/s 0.755 c/B
XTS enc | 0.516 ns/B 1849 MiB/s 1.19 c/B
XTS dec | 0.515 ns/B 1850 MiB/s 1.19 c/B
CCM enc | 1.98 ns/B 480.6 MiB/s 4.56 c/B
CCM dec | 1.98 ns/B 480.5 MiB/s 4.56 c/B
CCM auth | 1.66 ns/B 574.9 MiB/s 3.82 c/B
EAX enc | 1.99 ns/B 480.2 MiB/s 4.57 c/B
EAX dec | 1.99 ns/B 480.2 MiB/s 4.57 c/B
EAX auth | 1.66 ns/B 575.2 MiB/s 3.81 c/B
GCM enc | 0.552 ns/B 1727 MiB/s 1.27 c/B
GCM dec | 0.552 ns/B 1728 MiB/s 1.27 c/B
GCM auth | 0.225 ns/B 4240 MiB/s 0.517 c/B
OCB enc | 0.381 ns/B 2504 MiB/s 0.876 c/B
OCB dec | 0.385 ns/B 2477 MiB/s 0.886 c/B
OCB auth | 0.356 ns/B 2682 MiB/s 0.818 c/B
SIV enc | 1.98 ns/B 480.9 MiB/s 4.56 c/B
SIV dec | 2.11 ns/B 452.9 MiB/s 4.84 c/B
SIV auth | 1.66 ns/B 575.4 MiB/s 3.81 c/B
GCM-SIV enc | 0.726 ns/B 1314 MiB/s 1.67 c/B
GCM-SIV dec | 0.843 ns/B 1131 MiB/s 1.94 c/B
GCM-SIV auth | 0.377 ns/B 2527 MiB/s 0.868 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/rijndael-ppc-functions.h (CTR32LE_ENC_FUNC): New.
* cipher/rijndael-ppc.c (_gcry_aes_ppc8_ctr32le_enc): New.
* cipher/rijndael-ppc9le.c (_gcry_aes_ppc9le_ctr32le_enc): New.
* cipher/rijndael.c (_gcry_aes_ppc8_ctr32le_enc)
(_gcry_aes_ppc9le_ctr32le_enc): New.
(do_setkey): Setup _gcry_aes_ppc8_ctr32le_enc for POWER8 and
_gcry_aes_ppc9le_ctr32le_enc for POWER9.
--
Benchmark on POWER9:
Before:
AES | nanosecs/byte mebibytes/sec cycles/byte
GCM-SIV enc | 1.42 ns/B 672.2 MiB/s 3.26 c/B
After:
AES | nanosecs/byte mebibytes/sec cycles/byte
GCM-SIV enc | 0.725 ns/B 1316 MiB/s 1.67 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>