Home Verkennen Help
Registreren Inloggen
phyus
/
linux-vybrid_public
8
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: c43cdfbc4c
Aftakkingen Labels
linux-vybrid_pu...
/
arch
/
x86
/
crypto
/
twofish-avx-x86_64-asm_64.S

twofish-avx-x86_64-asm_64.S 7.3 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300 
  1. /*
    2. 

  2.  * Twofish Cipher 8-way parallel algorithm (AVX/x86_64)
    3. 

  3.  *
    4. 

  4.  * Copyright (C) 2012 Johannes Goetzfried
    5. 

  5.  *     <Johannes.Goetzfried@informatik.stud.uni-erlangen.de>
    6. 

  6.  *
    7. 

  7.  * This program is free software; you can redistribute it and/or modify
    8. 

  8.  * it under the terms of the GNU General Public License as published by
    9. 

  9.  * the Free Software Foundation; either version 2 of the License, or
    10. 

  10.  * (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * This program is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.  * GNU General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU General Public License
    18. 

  18.  * along with this program; if not, write to the Free Software
    19. 

  19.  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
    20. 

  20.  * USA
    21. 

  21.  *
    22. 

  22.  */
    23. 

  23. 

  24. .file "twofish-avx-x86_64-asm_64.S"
    25. 

  25. .text
    26. 

  26. 

  27. /* structure of crypto context */
    28. 

  28. #define s0	0
    29. 

  29. #define s1	1024
    30. 

  30. #define s2	2048
    31. 

  31. #define s3	3072
    32. 

  32. #define w	4096
    33. 

  33. #define k	4128
    34. 

  34. 

  35. /**********************************************************************
    36. 

  36.   8-way AVX twofish
    37. 

  37.  **********************************************************************/
    38. 

  38. #define CTX %rdi
    39. 

  39. 

  40. #define RA1 %xmm0
    41. 

  41. #define RB1 %xmm1
    42. 

  42. #define RC1 %xmm2
    43. 

  43. #define RD1 %xmm3
    44. 

  44. 

  45. #define RA2 %xmm4
    46. 

  46. #define RB2 %xmm5
    47. 

  47. #define RC2 %xmm6
    48. 

  48. #define RD2 %xmm7
    49. 

  49. 

  50. #define RX %xmm8
    51. 

  51. #define RY %xmm9
    52. 

  52. 

  53. #define RK1 %xmm10
    54. 

  54. #define RK2 %xmm11
    55. 

  55. 

  56. #define RID1  %rax
    57. 

  57. #define RID1b %al
    58. 

  58. #define RID2  %rbx
    59. 

  59. #define RID2b %bl
    60. 

  60. 

  61. #define RGI1   %rdx
    62. 

  62. #define RGI1bl %dl
    63. 

  63. #define RGI1bh %dh
    64. 

  64. #define RGI2   %rcx
    65. 

  65. #define RGI2bl %cl
    66. 

  66. #define RGI2bh %ch
    67. 

  67. 

  68. #define RGS1  %r8
    69. 

  69. #define RGS1d %r8d
    70. 

  70. #define RGS2  %r9
    71. 

  71. #define RGS2d %r9d
    72. 

  72. #define RGS3  %r10
    73. 

  73. #define RGS3d %r10d
    74. 

  74. 

  75. 

  76. #define lookup_32bit(t0, t1, t2, t3, src, dst) \
    77. 

  77. 	movb		src ## bl,        RID1b;     \
    78. 

  78. 	movb		src ## bh,        RID2b;     \
    79. 

  79. 	movl		t0(CTX, RID1, 4), dst ## d;  \
    80. 

  80. 	xorl		t1(CTX, RID2, 4), dst ## d;  \
    81. 

  81. 	shrq $16,	src;                         \
    82. 

  82. 	movb		src ## bl,        RID1b;     \
    83. 

  83. 	movb		src ## bh,        RID2b;     \
    84. 

  84. 	xorl		t2(CTX, RID1, 4), dst ## d;  \
    85. 

  85. 	xorl		t3(CTX, RID2, 4), dst ## d;
    86. 

  86. 

  87. #define G(a, x, t0, t1, t2, t3) \
    88. 

  88. 	vmovq		a,    RGI1;               \
    89. 

  89. 	vpsrldq $8,	a,    x;                  \
    90. 

  90. 	vmovq		x,    RGI2;               \
    91. 

  91. 	\
    92. 

  92. 	lookup_32bit(t0, t1, t2, t3, RGI1, RGS1); \
    93. 

  93. 	shrq $16,	RGI1;                     \
    94. 

  94. 	lookup_32bit(t0, t1, t2, t3, RGI1, RGS2); \
    95. 

  95. 	shlq $32,	RGS2;                     \
    96. 

  96. 	orq		RGS1, RGS2;               \
    97. 

  97. 	\
    98. 

  98. 	lookup_32bit(t0, t1, t2, t3, RGI2, RGS1); \
    99. 

  99. 	shrq $16,	RGI2;                     \
    100. 

  100. 	lookup_32bit(t0, t1, t2, t3, RGI2, RGS3); \
    101. 

  101. 	shlq $32,	RGS3;                     \
    102. 

  102. 	orq		RGS1, RGS3;               \
    103. 

  103. 	\
    104. 

  104. 	vmovq		RGS2, x;                  \
    105. 

  105. 	vpinsrq $1,	RGS3, x, x;
    106. 

  106. 

  107. #define encround(a, b, c, d, x, y) \
    108. 

  108. 	G(a, x, s0, s1, s2, s3);           \
    109. 

  109. 	G(b, y, s1, s2, s3, s0);           \
    110. 

  110. 	vpaddd			x, y,   x; \
    111. 

  111. 	vpaddd			y, x,   y; \
    112. 

  112. 	vpaddd			x, RK1, x; \
    113. 

  113. 	vpaddd			y, RK2, y; \
    114. 

  114. 	vpxor			x, c,   c; \
    115. 

  115. 	vpsrld $1,		c, x;      \
    116. 

  116. 	vpslld $(32 - 1),	c, c;      \
    117. 

  117. 	vpor			c, x,   c; \
    118. 

  118. 	vpslld $1,		d, x;      \
    119. 

  119. 	vpsrld $(32 - 1),	d, d;      \
    120. 

  120. 	vpor			d, x,   d; \
    121. 

  121. 	vpxor			d, y,   d;
    122. 

  122. 

  123. #define decround(a, b, c, d, x, y) \
    124. 

  124. 	G(a, x, s0, s1, s2, s3);           \
    125. 

  125. 	G(b, y, s1, s2, s3, s0);           \
    126. 

  126. 	vpaddd			x, y,   x; \
    127. 

  127. 	vpaddd			y, x,   y; \
    128. 

  128. 	vpaddd			y, RK2, y; \
    129. 

  129. 	vpxor			d, y,   d; \
    130. 

  130. 	vpsrld $1,		d, y;      \
    131. 

  131. 	vpslld $(32 - 1),	d, d;      \
    132. 

  132. 	vpor			d, y,   d; \
    133. 

  133. 	vpslld $1,		c, y;      \
    134. 

  134. 	vpsrld $(32 - 1),	c, c;      \
    135. 

  135. 	vpor			c, y,   c; \
    136. 

  136. 	vpaddd			x, RK1, x; \
    137. 

  137. 	vpxor			x, c,   c;
    138. 

  138. 

  139. #define encrypt_round(n, a, b, c, d) \
    140. 

  140. 	vbroadcastss (k+4*(2*(n)))(CTX),   RK1;           \
    141. 

  141. 	vbroadcastss (k+4*(2*(n)+1))(CTX), RK2;           \
    142. 

  142. 	encround(a ## 1, b ## 1, c ## 1, d ## 1, RX, RY); \
    143. 

  143. 	encround(a ## 2, b ## 2, c ## 2, d ## 2, RX, RY);
    144. 

  144. 

  145. #define decrypt_round(n, a, b, c, d) \
    146. 

  146. 	vbroadcastss (k+4*(2*(n)))(CTX),   RK1;           \
    147. 

  147. 	vbroadcastss (k+4*(2*(n)+1))(CTX), RK2;           \
    148. 

  148. 	decround(a ## 1, b ## 1, c ## 1, d ## 1, RX, RY); \
    149. 

  149. 	decround(a ## 2, b ## 2, c ## 2, d ## 2, RX, RY);
    150. 

  150. 

  151. #define encrypt_cycle(n) \
    152. 

  152. 	encrypt_round((2*n), RA, RB, RC, RD);       \
    153. 

  153. 	encrypt_round(((2*n) + 1), RC, RD, RA, RB);
    154. 

  154. 

  155. #define decrypt_cycle(n) \
    156. 

  156. 	decrypt_round(((2*n) + 1), RC, RD, RA, RB); \
    157. 

  157. 	decrypt_round((2*n), RA, RB, RC, RD);
    158. 

  158. 

  159. 

  160. #define transpose_4x4(x0, x1, x2, x3, t0, t1, t2) \
    161. 

  161. 	vpunpckldq		x1, x0, t0; \
    162. 

  162. 	vpunpckhdq		x1, x0, t2; \
    163. 

  163. 	vpunpckldq		x3, x2, t1; \
    164. 

  164. 	vpunpckhdq		x3, x2, x3; \
    165. 

  165. 	\
    166. 

  166. 	vpunpcklqdq		t1, t0, x0; \
    167. 

  167. 	vpunpckhqdq		t1, t0, x1; \
    168. 

  168. 	vpunpcklqdq		x3, t2, x2; \
    169. 

  169. 	vpunpckhqdq		x3, t2, x3;
    170. 

  170. 

  171. #define inpack_blocks(in, x0, x1, x2, x3, wkey, t0, t1, t2) \
    172. 

  172. 	vpxor (0*4*4)(in),	wkey, x0; \
    173. 

  173. 	vpxor (1*4*4)(in),	wkey, x1; \
    174. 

  174. 	vpxor (2*4*4)(in),	wkey, x2; \
    175. 

  175. 	vpxor (3*4*4)(in),	wkey, x3; \
    176. 

  176. 	\
    177. 

  177. 	transpose_4x4(x0, x1, x2, x3, t0, t1, t2)
    178. 

  178. 

  179. #define outunpack_blocks(out, x0, x1, x2, x3, wkey, t0, t1, t2) \
    180. 

  180. 	transpose_4x4(x0, x1, x2, x3, t0, t1, t2) \
    181. 

  181. 	\
    182. 

  182. 	vpxor		x0, wkey, x0;     \
    183. 

  183. 	vmovdqu 	x0, (0*4*4)(out); \
    184. 

  184. 	vpxor		x1, wkey, x1;     \
    185. 

  185. 	vmovdqu		x1, (1*4*4)(out); \
    186. 

  186. 	vpxor		x2, wkey, x2;     \
    187. 

  187. 	vmovdqu		x2, (2*4*4)(out); \
    188. 

  188. 	vpxor		x3, wkey, x3;     \
    189. 

  189. 	vmovdqu		x3, (3*4*4)(out);
    190. 

  190. 

  191. #define outunpack_xor_blocks(out, x0, x1, x2, x3, wkey, t0, t1, t2) \
    192. 

  192. 	transpose_4x4(x0, x1, x2, x3, t0, t1, t2) \
    193. 

  193. 	\
    194. 

  194. 	vpxor		x0, wkey, x0;         \
    195. 

  195. 	vpxor		(0*4*4)(out), x0, x0; \
    196. 

  196. 	vmovdqu 	x0, (0*4*4)(out);     \
    197. 

  197. 	vpxor		x1, wkey, x1;         \
    198. 

  198. 	vpxor		(1*4*4)(out), x1, x1; \
    199. 

  199. 	vmovdqu	        x1, (1*4*4)(out);     \
    200. 

  200. 	vpxor		x2, wkey, x2;         \
    201. 

  201. 	vpxor           (2*4*4)(out), x2, x2; \
    202. 

  202. 	vmovdqu		x2, (2*4*4)(out);     \
    203. 

  203. 	vpxor		x3, wkey, x3;         \
    204. 

  204. 	vpxor           (3*4*4)(out), x3, x3; \
    205. 

  205. 	vmovdqu		x3, (3*4*4)(out);
    206. 

  206. 

  207. .align 8
    208. 

  208. .global __twofish_enc_blk_8way
    209. 

  209. .type   __twofish_enc_blk_8way,@function;
    210. 

  210. 

  211. __twofish_enc_blk_8way:
    212. 

  212. 	/* input:
    213. 

  213. 	 *	%rdi: ctx, CTX
    214. 

  214. 	 *	%rsi: dst
    215. 

  215. 	 *	%rdx: src
    216. 

  216. 	 *	%rcx: bool, if true: xor output
    217. 

  217. 	 */
    218. 

  218. 

  219. 	pushq %rbx;
    220. 

  220. 	pushq %rcx;
    221. 

  221. 

  222. 	vmovdqu w(CTX), RK1;
    223. 

  223. 

  224. 	leaq (4*4*4)(%rdx), %rax;
    225. 

  225. 	inpack_blocks(%rdx, RA1, RB1, RC1, RD1, RK1, RX, RY, RK2);
    226. 

  226. 	inpack_blocks(%rax, RA2, RB2, RC2, RD2, RK1, RX, RY, RK2);
    227. 

  227. 

  228. 	xorq RID1, RID1;
    229. 

  229. 	xorq RID2, RID2;
    230. 

  230. 

  231. 	encrypt_cycle(0);
    232. 

  232. 	encrypt_cycle(1);
    233. 

  233. 	encrypt_cycle(2);
    234. 

  234. 	encrypt_cycle(3);
    235. 

  235. 	encrypt_cycle(4);
    236. 

  236. 	encrypt_cycle(5);
    237. 

  237. 	encrypt_cycle(6);
    238. 

  238. 	encrypt_cycle(7);
    239. 

  239. 

  240. 	vmovdqu (w+4*4)(CTX), RK1;
    241. 

  241. 

  242. 	popq %rcx;
    243. 

  243. 	popq %rbx;
    244. 

  244. 

  245. 	leaq (4*4*4)(%rsi), %rax;
    246. 

  246. 

  247. 	testb %cl, %cl;
    248. 

  248. 	jnz __enc_xor8;
    249. 

  249. 

  250. 	outunpack_blocks(%rsi, RC1, RD1, RA1, RB1, RK1, RX, RY, RK2);
    251. 

  251. 	outunpack_blocks(%rax, RC2, RD2, RA2, RB2, RK1, RX, RY, RK2);
    252. 

  252. 

  253. 	ret;
    254. 

  254. 

  255. __enc_xor8:
    256. 

  256. 	outunpack_xor_blocks(%rsi, RC1, RD1, RA1, RB1, RK1, RX, RY, RK2);
    257. 

  257. 	outunpack_xor_blocks(%rax, RC2, RD2, RA2, RB2, RK1, RX, RY, RK2);
    258. 

  258. 

  259. 	ret;
    260. 

  260. 

  261. .align 8
    262. 

  262. .global twofish_dec_blk_8way
    263. 

  263. .type   twofish_dec_blk_8way,@function;
    264. 

  264. 

  265. twofish_dec_blk_8way:
    266. 

  266. 	/* input:
    267. 

  267. 	 *	%rdi: ctx, CTX
    268. 

  268. 	 *	%rsi: dst
    269. 

  269. 	 *	%rdx: src
    270. 

  270. 	 */
    271. 

  271. 

  272. 	pushq %rbx;
    273. 

  273. 

  274. 	vmovdqu (w+4*4)(CTX), RK1;
    275. 

  275. 

  276. 	leaq (4*4*4)(%rdx), %rax;
    277. 

  277. 	inpack_blocks(%rdx, RC1, RD1, RA1, RB1, RK1, RX, RY, RK2);
    278. 

  278. 	inpack_blocks(%rax, RC2, RD2, RA2, RB2, RK1, RX, RY, RK2);
    279. 

  279. 

  280. 	xorq RID1, RID1;
    281. 

  281. 	xorq RID2, RID2;
    282. 

  282. 

  283. 	decrypt_cycle(7);
    284. 

  284. 	decrypt_cycle(6);
    285. 

  285. 	decrypt_cycle(5);
    286. 

  286. 	decrypt_cycle(4);
    287. 

  287. 	decrypt_cycle(3);
    288. 

  288. 	decrypt_cycle(2);
    289. 

  289. 	decrypt_cycle(1);
    290. 

  290. 	decrypt_cycle(0);
    291. 

  291. 

  292. 	vmovdqu (w)(CTX), RK1;
    293. 

  293. 

  294. 	popq %rbx;
    295. 

  295. 

  296. 	leaq (4*4*4)(%rsi), %rax;
    297. 

  297. 	outunpack_blocks(%rsi, RA1, RB1, RC1, RD1, RK1, RX, RY, RK2);
    298. 

  298. 	outunpack_blocks(%rax, RA2, RB2, RC2, RD2, RK1, RX, RY, RK2);
    299. 

  299. 

  300. 	ret;
    301.