aegis256_armcrypto.c (2047B)
/*
 * AEGIS-256 on ARMv8 Crypto Extensions.
 *
 * This translation unit only supplies the AES-block primitives and the
 * state-update step for the 6-word AEGIS-256 state; the encrypt/decrypt
 * bodies are pulled in from aegis256_common.h below, which presumably
 * builds on the AES_* macros and aegis256_update defined here.
 *
 * Everything is compiled out unless the build detected the ARM crypto
 * extensions and a little-endian target; selection of this backend at
 * run time is not visible in this file.
 */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#include "core.h"
#include "crypto_aead_aegis256.h"
#include "crypto_verify_16.h"
#include "crypto_verify_32.h"
#include "export.h"
#include "utils.h"

#include "private/common.h"

#if defined(HAVE_ARMCRYPTO) && defined(NATIVE_LITTLE_ENDIAN)

#include "aegis256_armcrypto.h"

/*
 * Pre-define the feature macros so that <arm_neon.h> exposes the AES
 * intrinsics (vaeseq_u8 / vaesmcq_u8) even when the compiler was not
 * invoked with those features enabled globally.  These names are
 * reserved for the implementation, which is deliberate here: they are
 * exactly what the header tests for.
 */
#ifndef __ARM_FEATURE_CRYPTO
#define __ARM_FEATURE_CRYPTO 1
#endif
#ifndef __ARM_FEATURE_AES
#define __ARM_FEATURE_AES 1
#endif

#include <arm_neon.h>

/* Enable the crypto instructions for every function in this file only. */
#ifdef __clang__
#pragma clang attribute push(__attribute__((target("neon,crypto,aes"))), apply_to = function)
#elif defined(__GNUC__)
#pragma GCC target("+simd+crypto")
#endif

#define AES_BLOCK_LENGTH 16

typedef uint8x16_t aes_block_t;

/* Bitwise block operations. */
#define AES_BLOCK_XOR(A, B) veorq_u8((A), (B))
#define AES_BLOCK_AND(A, B) vandq_u8((A), (B))

/* Unaligned 16-byte load/store. */
#define AES_BLOCK_LOAD(A) vld1q_u8(A)
#define AES_BLOCK_STORE(A, B) vst1q_u8((A), (B))

/*
 * Build a block from two 64-bit words: B lands in the low lane (lane 0),
 * A in the high lane (lane 1).
 */
#define AES_BLOCK_LOAD_64x2(A, B) \
    vreinterpretq_u8_u64(vcombine_u64(vcreate_u64(B), vcreate_u64(A)))

/*
 * One AES round on A keyed with B, i.e. MixColumns(ShiftRows(SubBytes(A))) ^ B.
 * vaeseq_u8 xors its two operands before SubBytes/ShiftRows, so the zero
 * block as first operand leaves A untouched before the S-box.
 */
#define AES_ENC(A, B) veorq_u8(vaesmcq_u8(vaeseq_u8(vdupq_n_u8(0), (A))), (B))

/*
 * Advance the six-word AEGIS-256 state by one step.
 *
 * state: the six 128-bit state words; updated in place.
 * d:     the data block mixed into the new state[0].
 *
 * Each word i (5 .. 1) becomes AES_ENC(old state[i-1], old state[i]); the
 * wrap-around word is state[0] = AES_ENC(old state[5], old state[0]) ^ d.
 * Walking the array from the tail means every word still reads its
 * predecessor's pre-update value.
 */
static inline void
aegis256_update(aes_block_t *const state, const aes_block_t d)
{
    const aes_block_t last = state[5];
    int               i;

    for (i = 5; i > 0; i--) {
        state[i] = AES_ENC(state[i - 1], state[i]);
    }
    state[0] = AES_BLOCK_XOR(AES_ENC(last, state[0]), d);
}

/* Shared encrypt_detached / decrypt_detached bodies built on the macros above. */
#include "aegis256_common.h"

struct aegis256_implementation aegis256_armcrypto_implementation = {
    SODIUM_C99(.encrypt_detached =) encrypt_detached,
    SODIUM_C99(.decrypt_detached =) decrypt_detached
};

#ifdef __clang__
#pragma clang attribute pop
#endif

#endif