author | Mamone Tarsha <maamoun.tk@googlemail.com> | 2021-05-08 02:32:52 +0300 |
---|---|---|
committer | Mamone Tarsha <maamoun.tk@googlemail.com> | 2021-05-08 02:32:52 +0300 |
commit | 71dafe9193a677da90d4b3964e5ab76f468bc6de (patch) | |
tree | 3f3eb2ac8ac324bf7a2e54aa8d94dc0e8d1ccc0e | |
parent | 4651503844c1e0264ece32160c1c3bfd585b162e (diff) | |
download | nettle-71dafe9193a677da90d4b3964e5ab76f468bc6de.tar.gz |
[S390x] Basic AES-192 and AES-256 optimizations
-rw-r--r-- | Makefile.in | 2 | ||||
-rw-r--r-- | configure.ac | 15 | ||||
-rw-r--r-- | s390x/msa_x2/aes192-decrypt.asm | 60 | ||||
-rw-r--r-- | s390x/msa_x2/aes192-encrypt.asm | 60 | ||||
-rw-r--r-- | s390x/msa_x2/aes192-set-decrypt-key.asm | 52 | ||||
-rw-r--r-- | s390x/msa_x2/aes192-set-encrypt-key.asm | 43 | ||||
-rw-r--r-- | s390x/msa_x2/aes256-decrypt.asm | 60 | ||||
-rw-r--r-- | s390x/msa_x2/aes256-encrypt.asm | 60 | ||||
-rw-r--r-- | s390x/msa_x2/aes256-set-decrypt-key.asm | 52 | ||||
-rw-r--r-- | s390x/msa_x2/aes256-set-encrypt-key.asm | 43 |
10 files changed, 440 insertions, 7 deletions
diff --git a/Makefile.in b/Makefile.in index 74a1a7e7..87d193b6 100644 --- a/Makefile.in +++ b/Makefile.in @@ -620,7 +620,7 @@ distdir: $(DISTFILES) arm arm/neon arm/v6 arm/fat \ arm64 arm64/crypto arm64/fat \ powerpc64 powerpc64/p7 powerpc64/p8 powerpc64/fat \ - s390x s390x/msa_x1 ; do \ + s390x s390x/msa_x1 s390x/msa_x2 ; do \ mkdir "$(distdir)/$$d" ; \ find "$(srcdir)/$$d" -maxdepth 1 '(' -name '*.asm' -o -name '*.m4' -o -name README ')' \ -exec cp '{}' "$(distdir)/$$d" ';' ; \ diff --git a/configure.ac b/configure.ac index cc85340e..c207ea7a 100644 --- a/configure.ac +++ b/configure.ac @@ -101,9 +101,9 @@ AC_ARG_ENABLE(power-altivec, AC_HELP_STRING([--enable-power-altivec], [Enable POWER altivec and vsx extensions. (default=no)]),, [enable_altivec=no]) -AC_ARG_ENABLE(s390x-msa-x1, - AC_HELP_STRING([--enable-s390x-msa-x1], [Enable message-security assist extension 1 on z/Architecture. (default=no)]),, - [enable_s390x_msa_x1=no]) +AC_ARG_ENABLE(s390x-msa, + AC_HELP_STRING([--enable-s390x-msa], [Enable message-security assist extensions on z/Architecture. (default=no)]),, + [enable_s390x_msa=no]) AC_ARG_ENABLE(mini-gmp, AC_HELP_STRING([--enable-mini-gmp], [Enable mini-gmp, used instead of libgmp.]),, @@ -530,8 +530,8 @@ if test "x$enable_assembler" = xyes ; then *s390x*) if test "$ABI" = 64 ; then asm_path="s390x" - if test "$enable_s390x_msa_x1" = yes ; then - asm_path="s390x/msa_x1 $asm_path" + if test "$enable_s390x_msa" = yes ; then + asm_path="s390x/msa_x1 s390x/msa_x2 $asm_path" fi fi ;; 
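Review bot: Renaming `--enable-s390x-msa-x1` to `--enable-s390x-msa` in the AC_ARG_ENABLE hunk leaves no alias for the old spelling, so a build recipe that still passes the old flag would leave `enable_s390x_msa` at `no` and drop back to the non-MSA code path. configure normally only warns about an unrecognized `--enable-*` option, which is easy to miss in packaging logs. Consider keeping the old name as a deprecated alias, for example a second `AC_ARG_ENABLE(s390x-msa-x1, ...)` whose action sets `enable_s390x_msa=$enableval`, or record the rename in the release notes.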
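Review bot: With `asm_path="s390x/msa_x1 s390x/msa_x2 $asm_path"` one build-time switch now selects both extension levels, and nothing visible in this hunk checks at run time that the KM-AES-192/256 functions are installed. A library built with `--enable-s390x-msa` and run on a machine that provides only the x1 functions would presumably fault on the first AES-192/256 call rather than fall back to the portable code. Either gate msa_x2 behind its own option or say so in the help string, e.g. `[Enable message-security assist extensions 1 and 2 on z/Architecture; the built library requires both at run time. (default=no)]`. The `*s390x*)` case continues outside the hunk.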
@@ -555,7 +555,10 @@ asm_replace_list="aes-encrypt-internal.asm aes-decrypt-internal.asm \ # Files which replace a C source file that used by S390x architecture. asm_replace_list="$asm_replace_list aes128-set-encrypt-key.asm \ - aes128-set-decrypt-key.asm aes128-encrypt.asm aes128-decrypt.asm" + aes128-set-decrypt-key.asm aes128-encrypt.asm aes128-decrypt.asm \ + aes192-set-encrypt-key.asm aes192-set-decrypt-key.asm aes192-encrypt.asm \ + aes192-decrypt.asm aes256-set-encrypt-key.asm aes256-set-decrypt-key.asm \ + aes256-encrypt.asm aes256-decrypt.asm" # Assembler files which generate additional object files if they are used. asm_nettle_optional_list="gcm-hash.asm gcm-hash8.asm cpuid.asm \ diff --git a/s390x/msa_x2/aes192-decrypt.asm b/s390x/msa_x2/aes192-decrypt.asm new file mode 100644 index 00000000..09afaff2 --- /dev/null +++ b/s390x/msa_x2/aes192-decrypt.asm 
@@ -0,0 +1,60 @@
+C s390x/msa_x2/aes192-decrypt.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+C KM (CIPHER MESSAGE) is specefied in "z/Architecture Principles of Operation SA22-7832-12" as follows:
+C A function specified by the function code in general register 0 is performed.
+C General register 1 contains the logical address of the leftmost byte of the parameter block in storage.
+C The second operand is ciphered as specified by the function code using a cryptographic
+C key in the parameter block, and the result is placed in the first-operand location.
+
+C This implementation uses KM-AES-192 function.
+C The parameter block used for the KM-AES-192 function has the following format:
+C *----------------------------------------------*
+C | Cryptographic Key (24 bytes) |
+C *----------------------------------------------*
+
+.file "aes192-decrypt.asm"
+
+.text
+
+C void
+C aes192_decrypt(const struct aes192_ctx *ctx,
+C size_t length, uint8_t *dst,
+C const uint8_t *src)
+
+PROLOGUE(nettle_aes192_decrypt)
+ lghi %r0,128|19 C KM function code (KM-AES-192), enable modifier bit to perform decryption operation
+ lgr %r1,%r2 C parameter block: byte offsets 0-23 Cryptographic Key
+ lgr %r2,%r5
+1: .long 0xb92e0042 C km %r4,%r2
+ brc 1,1b C safely branch back in case of partial completion
+ br RA
+EPILOGUE(nettle_aes192_decrypt)
diff --git a/s390x/msa_x2/aes192-encrypt.asm b/s390x/msa_x2/aes192-encrypt.asm
new file mode 100644
index 00000000..94edcfdb
--- /dev/null
+++ b/s390x/msa_x2/aes192-encrypt.asm
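Review bot: `nettle_aes192_decrypt` hands `length` to KM unchanged (it stays in %r3, the odd half of the `%r2` operand pair) with no check that it is a multiple of the 16-byte block size. As far as I know KM raises a specification exception when the second-operand length is not a block multiple, so a caller error would surface as a hardware trap rather than a library-level assertion. At minimum document the precondition above PROLOGUE: `C length must be a multiple of 16 bytes; KM faults otherwise`. The same applies to aes192-encrypt.asm, aes256-decrypt.asm and aes256-encrypt.asm.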
@@ -0,0 +1,60 @@
+C s390x/msa_x2/aes192-encrypt.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+C KM (CIPHER MESSAGE) is specefied in "z/Architecture Principles of Operation SA22-7832-12" as follows:
+C A function specified by the function code in general register 0 is performed.
+C General register 1 contains the logical address of the leftmost byte of the parameter block in storage.
+C The second operand is ciphered as specified by the function code using a cryptographic
+C key in the parameter block, and the result is placed in the first-operand location.
+
+C This implementation uses KM-AES-192 function.
+C The parameter block used for the KM-AES-192 function has the following format:
+C *----------------------------------------------*
+C | Cryptographic Key (24 bytes) |
+C *----------------------------------------------*
+
+.file "aes192-encrypt.asm"
+
+.text
+
+C void
+C aes192_encrypt(const struct aes192_ctx *ctx,
+C size_t length, uint8_t *dst,
+C const uint8_t *src)
+
+PROLOGUE(nettle_aes192_encrypt)
+ lghi %r0,19 C KM function code (KM-AES-192)
+ lgr %r1,%r2 C parameter block: byte offsets 0-23 Cryptographic Key
+ lgr %r2,%r5
+1: .long 0xb92e0042 C km %r4,%r2
+ brc 1,1b C safely branch back in case of partial completion
+ br RA
+EPILOGUE(nettle_aes192_encrypt)
diff --git a/s390x/msa_x2/aes192-set-decrypt-key.asm b/s390x/msa_x2/aes192-set-decrypt-key.asm
new file mode 100644
index 00000000..6438dd46
--- /dev/null
+++ b/s390x/msa_x2/aes192-set-decrypt-key.asm
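Review bot: The KM instruction is emitted as the raw word `.long 0xb92e0042`, so the assembler cannot check the operand registers and only the trailing comment `km %r4,%r2` ties the encoding to the intended operands. The encoding does match that comment here, but the same literal is repeated in all four cipher files and a later edit to one copy would go unnoticed. I would say why the mnemonic is avoided, e.g. `C KM encoded by hand, presumably for assemblers without the MSA mnemonics: opcode 0xb92e, R1=%r4 (dst), R2=%r2/%r3 (src, length)`, or move the word into one shared m4 macro.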
@@ -0,0 +1,52 @@
+C s390x/msa_x2/aes192-set-decrypt-key.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+.file "aes192-set-decrypt-key.asm"
+
+.text
+
+C void
+C aes192_invert_key(struct aes192_ctx *dst, const struct aes192_ctx *src)
+
+PROLOGUE(nettle_aes192_invert_key)
+ C AES cipher functions only need the raw cryptographic key so just copy it to AES context
+ mvc 0(24,%r2),0(%r3) C copy Cryptographic Key (24 bytes)
+ br RA
+EPILOGUE(nettle_aes192_invert_key)
+
+C void
+C aes192_set_decrypt_key(struct aes192_ctx *ctx, const uint8_t *key)
+
+PROLOGUE(nettle_aes192_set_decrypt_key)
+ C AES cipher functions only need the raw cryptographic key so just copy it to AES context
+ mvc 0(24,%r2),0(%r3) C copy Cryptographic Key (24 bytes)
+ br RA
+EPILOGUE(nettle_aes192_set_decrypt_key)
diff --git a/s390x/msa_x2/aes192-set-encrypt-key.asm b/s390x/msa_x2/aes192-set-encrypt-key.asm
new file mode 100644
index 00000000..7f600d5a
--- /dev/null
+++ b/s390x/msa_x2/aes192-set-encrypt-key.asm
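Review bot: `nettle_aes192_invert_key` and `nettle_aes192_set_decrypt_key` store the raw 24-byte key at offset 0 of the context instead of an expanded key schedule, which is only correct while every consumer of `struct aes192_ctx` is one of the KM-based routines. If one of the four aes192 files were not picked up from the asm path, or other code read the context as round keys, the mismatch would presumably produce wrong output with no error. I would add a comment in each set-key file such as `C ctx layout: raw key at bytes 0-23, no key schedule; valid only with the msa_x2 aes192 encrypt/decrypt routines`. The same holds for aes192-set-encrypt-key.asm and for both aes256 set-key files with a 32-byte key.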
@@ -0,0 +1,43 @@
+C s390x/msa_x2/aes192-set-encrypt-key.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+.file "aes192-set-encrypt-key.asm"
+
+.text
+
+C void
+C aes192_set_encrypt_key(struct aes192_ctx *ctx, const uint8_t *key)
+
+PROLOGUE(nettle_aes192_set_encrypt_key)
+ C AES cipher functions only need the raw cryptographic key so just copy it to AES context
+ mvc 0(24,%r2),0(%r3) C copy Cryptographic Key (24 bytes)
+ br RA
+EPILOGUE(nettle_aes192_set_encrypt_key)
diff --git a/s390x/msa_x2/aes256-decrypt.asm b/s390x/msa_x2/aes256-decrypt.asm
new file mode 100644
index 00000000..820732ad
--- /dev/null
+++ b/s390x/msa_x2/aes256-decrypt.asm
@@ -0,0 +1,60 @@
+C s390x/msa_x2/aes256-decrypt.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+C KM (CIPHER MESSAGE) is specefied in "z/Architecture Principles of Operation SA22-7832-12" as follows:
+C A function specified by the function code in general register 0 is performed.
+C General register 1 contains the logical address of the leftmost byte of the parameter block in storage.
+C The second operand is ciphered as specified by the function code using a cryptographic
+C key in the parameter block, and the result is placed in the first-operand location.
+
+C This implementation uses KM-AES-256 function.
+C The parameter block used for the KM-AES-256 function has the following format:
+C *----------------------------------------------*
+C | Cryptographic Key (32 bytes) |
+C *----------------------------------------------*
+
+.file "aes256-decrypt.asm"
+
+.text
+
+C void
+C aes256_decrypt(const struct aes256_ctx *ctx,
+C size_t length, uint8_t *dst,
+C const uint8_t *src)
+
+PROLOGUE(nettle_aes256_decrypt)
+ lghi %r0,128|20 C KM function code (KM-AES-256), enable modifier bit to perform decryption operation
+ lgr %r1,%r2 C parameter block: byte offsets 0-31 Cryptographic Key
+ lgr %r2,%r5
+1: .long 0xb92e0042 C km %r4,%r2
+ brc 1,1b C safely branch back in case of partial completion
+ br RA
+EPILOGUE(nettle_aes256_decrypt)
diff --git a/s390x/msa_x2/aes256-encrypt.asm b/s390x/msa_x2/aes256-encrypt.asm
new file mode 100644
index 00000000..c1f7392e
--- /dev/null
+++ b/s390x/msa_x2/aes256-encrypt.asm
@@ -0,0 +1,60 @@
+C s390x/msa_x2/aes256-encrypt.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+C KM (CIPHER MESSAGE) is specefied in "z/Architecture Principles of Operation SA22-7832-12" as follows:
+C A function specified by the function code in general register 0 is performed.
+C General register 1 contains the logical address of the leftmost byte of the parameter block in storage.
+C The second operand is ciphered as specified by the function code using a cryptographic
+C key in the parameter block, and the result is placed in the first-operand location.
+
+C This implementation uses KM-AES-256 function.
+C The parameter block used for the KM-AES-256 function has the following format:
+C *----------------------------------------------*
+C | Cryptographic Key (32 bytes) |
+C *----------------------------------------------*
+
+.file "aes256-encrypt.asm"
+
+.text
+
+C void
+C aes256_encrypt(const struct aes256_ctx *ctx,
+C size_t length, uint8_t *dst,
+C const uint8_t *src)
+
+PROLOGUE(nettle_aes256_encrypt)
+ lghi %r0,20 C KM function code (KM-AES-256)
+ lgr %r1,%r2 C parameter block: byte offsets 0-31 Cryptographic Key
+ lgr %r2,%r5
+1: .long 0xb92e0042 C km %r4,%r2
+ brc 1,1b C safely branch back in case of partial completion
+ br RA
+EPILOGUE(nettle_aes256_encrypt)
diff --git a/s390x/msa_x2/aes256-set-decrypt-key.asm b/s390x/msa_x2/aes256-set-decrypt-key.asm
new file mode 100644
index 00000000..74015aaf
--- /dev/null
+++ b/s390x/msa_x2/aes256-set-decrypt-key.asm
@@ -0,0 +1,52 @@
+C s390x/msa_x2/aes256-set-decrypt-key.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+.file "aes256-set-decrypt-key.asm"
+
+.text
+
+C void
+C aes256_invert_key(struct aes256_ctx *dst, const struct aes256_ctx *src)
+
+PROLOGUE(nettle_aes256_invert_key)
+ C AES cipher functions only need the raw cryptographic key so just copy it to AES context
+ mvc 0(32,%r2),0(%r3) C copy Cryptographic Key (32 bytes)
+ br RA
+EPILOGUE(nettle_aes256_invert_key)
+
+C void
+C aes256_set_decrypt_key(struct aes256_ctx *ctx, const uint8_t *key)
+
+PROLOGUE(nettle_aes256_set_decrypt_key)
+ C AES cipher functions only need the raw cryptographic key so just copy it to AES context
+ mvc 0(32,%r2),0(%r3) C copy Cryptographic Key (32 bytes)
+ br RA
+EPILOGUE(nettle_aes256_set_decrypt_key)
diff --git a/s390x/msa_x2/aes256-set-encrypt-key.asm b/s390x/msa_x2/aes256-set-encrypt-key.asm
new file mode 100644
index 00000000..1c525a7f
--- /dev/null
+++ b/s390x/msa_x2/aes256-set-encrypt-key.asm
@@ -0,0 +1,43 @@
+C s390x/msa_x2/aes256-set-encrypt-key.asm
+
+ifelse(`
+ Copyright (C) 2020 Mamone Tarsha
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+')
+
+.file "aes256-set-encrypt-key.asm"
+
+.text
+
+C void
+C aes256_set_encrypt_key(struct aes256_ctx *ctx, const uint8_t *key)
+
+PROLOGUE(nettle_aes256_set_encrypt_key)
+ C AES cipher functions only need the raw cryptographic key so just copy it to AES context
+ mvc 0(32,%r2),0(%r3) C copy Cryptographic Key (32 bytes)
+ br RA
+EPILOGUE(nettle_aes256_set_encrypt_key) |