#include "grand.h"
#include "keysz.h"
#include "paranoia.h"
+#include "rsvr.h"
#include "salsa20.h"
#include "salsa20-core.h"
#if CPUFAM_X86 || CPUFAM_AMD64
extern core__functype salsa20_core_x86ish_sse2;
+extern core__functype salsa20_core_x86ish_avx;
#endif
#if CPUFAM_ARMEL
/* Choose the Salsa20 core implementation to use on this machine.
 *
 * Each DISPATCH_PICK_COND line names a candidate core and the condition
 * under which it is offered; DISPATCH_PICK_FALLBACK names @simple_core@ as
 * the final choice.  Presumably the first candidate whose condition holds
 * wins, which is why the AVX core is listed ahead of the SSE2 one --
 * confirm against the dispatch macros.  The ARM64 core is now offered only
 * when cpu_feature_p(CPUFEAT_ARM_NEON) holds, rather than unconditionally.
 */
static core__functype *pick_core(void)
{
#if CPUFAM_X86 || CPUFAM_AMD64
+ DISPATCH_PICK_COND(salsa20_core, salsa20_core_x86ish_avx,
+ cpu_feature_p(CPUFEAT_X86_AVX));
DISPATCH_PICK_COND(salsa20_core, salsa20_core_x86ish_sse2,
cpu_feature_p(CPUFEAT_X86_SSE2));
#endif
cpu_feature_p(CPUFEAT_ARM_NEON));
#endif
#if CPUFAM_ARM64
- DISPATCH_PICK_COND(salsa20_core, salsa20_core_arm64, 1);
+ DISPATCH_PICK_COND(salsa20_core, salsa20_core_arm64,
+ cpu_feature_p(CPUFEAT_ARM_NEON));
#endif
DISPATCH_PICK_FALLBACK(salsa20_core, simple_core);
}
/*----- Salsa20 implementation --------------------------------------------*/
/* All-zero nonce (static storage, no initializer), used by @salsa20_init@
 * when its @nonce@ argument is null.  It is declared once at file scope,
 * sized XSALSA20_NONCESZ, in place of the function-local copies removed
 * from @salsa20_init@ and @XSALSA20_INIT@.
 * NOTE(review): presumably XSALSA20_NONCESZ >= SALSA20_NONCESZ, so the one
 * array is long enough for both users -- confirm.
 */
+static const octet zerononce[XSALSA20_NONCESZ];
+
/* --- @salsa20_init@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = context to fill in
void salsa20_init(salsa20_ctx *ctx, const void *key, size_t ksz,
const void *nonce)
{
- static const octet zerononce[SALSA20_NONCESZ];
-
/* Load the key into the state matrix first, then install the nonce. */
populate(ctx->a, key, ksz);
/* A null @nonce@ means `use the all-zero nonce'; @zerononce@ is now the
 * file-scope array rather than a local one.
 */
salsa20_setnonce(ctx, nonce ? nonce : zerononce);
}
/* Set the stream position from the 64-bit value @i@: LO64(i) is stored in
 * state word 8 and HI64(i) in state word 5.  The position is then marked
 * by clearing @ctx->off@ (formerly: by setting @ctx->bufi@ to
 * SALSA20_OUTSZ); presumably this records that no buffered output is
 * pending, so the next request generates a fresh block -- confirm against
 * SALSA20_PREPBUF/SALSA20_OUTBUF.
 */
void salsa20_seeku64(salsa20_ctx *ctx, kludge64 i)
{
ctx->a[8] = LO64(i); ctx->a[5] = HI64(i);
- ctx->bufi = SALSA20_OUTSZ;
+ ctx->off = 0;
}
void salsa20_seek_ietf(salsa20_ctx *ctx, uint32 i)
* to @dest@.
*/
/* Reservoir policy passed to rsvr_mkplan() by the encrypt routines.  Two of
 * its three fields are SALSA20_OUTSZ, the size of one core output block.
 * NOTE(review): which rsvr_policy field is which is not visible here --
 * confirm the field order against rsvr.h.
 */
+static const rsvr_policy policy = { 0, SALSA20_OUTSZ, SALSA20_OUTSZ };
+
/* Invoke the encrypt routine for variant @r@: the function name is built
 * by SALSA20_DECOR(salsa20, r, _encrypt) and called with the remaining
 * arguments unchanged.
 */
#define SALSA20_ENCRYPT(r, ctx, src, dest, sz) \
SALSA20_DECOR(salsa20, r, _encrypt)(ctx, src, dest, sz)
/* Body of the encrypt routine, defined once per variant @r@.  As revised
 * here the work is driven by a plan obtained from
 * rsvr_mkplan(&plan, &policy, ctx->off, sz):
 *
 *   * @plan.head@ bytes are emitted with SALSA20_OUTBUF, first generating
 *     and buffering a block if @ctx->off@ is zero;
 *   * @ctx->off@ is then reduced by @plan.from_rsvr@;
 *   * @plan.from_input@ bytes are handled one SALSA20_OUTSZ block at a
 *     time: with a null @d@ the position is simply advanced by
 *     from_input/SALSA20_OUTSZ without running the core; with a null @s@
 *     blocks are written by SALSA20_GENFULL; otherwise by SALSA20_MIXFULL;
 *   * @plan.tail@ bytes come from one further block, buffered by
 *     SALSA20_PREPBUF and emitted by SALSA20_OUTBUF.
 *
 * NOTE(review): the whole-block loops count @plan.from_input@ down by
 * SALSA20_OUTSZ until it is zero, so they assume rsvr_mkplan() always makes
 * it a multiple of SALSA20_OUTSZ -- confirm against rsvr.h.
 * NOTE(review): the skip path calls salsa20_seeku64(), which also resets
 * @ctx->off@ to zero; presumably nothing is left buffered at that point --
 * confirm.
 */
#define DEFENCRYPT(r) \
salsa20_matrix b; \
const octet *s = src; \
octet *d = dest; \
- size_t n; \
+ rsvr_plan plan; \
kludge64 pos, delta; \
\
- SALSA20_OUTBUF(ctx, d, s, sz); \
- if (!sz) return; \
- \
- if (!dest) { \
- n = sz/SALSA20_OUTSZ; \
- pos = salsa20_tellu64(ctx); \
- ASSIGN64(delta, n); \
- ADD64(pos, pos, delta); \
- salsa20_seeku64(ctx, pos); \
- sz = sz%SALSA20_OUTSZ; \
- } else if (!src) { \
- while (sz >= SALSA20_OUTSZ) { \
- core(r, ctx->a, b); \
- SALSA20_STEP(ctx->a); \
- SALSA20_GENFULL(b, d); \
- sz -= SALSA20_OUTSZ; \
+ rsvr_mkplan(&plan, &policy, ctx->off, sz); \
+ \
+ if (plan.head) { \
+ if (!ctx->off) { \
+ core(r, ctx->a, b); SALSA20_STEP(ctx->a); \
+ SALSA20_PREPBUF(ctx, b); \
} \
- } else { \
- while (sz >= SALSA20_OUTSZ) { \
- core(r, ctx->a, b); \
- SALSA20_STEP(ctx->a); \
- SALSA20_MIXFULL(b, d, s); \
- sz -= SALSA20_OUTSZ; \
+ SALSA20_OUTBUF(ctx, d, s, plan.head); \
+ } \
+ \
+ ctx->off -= plan.from_rsvr; \
+ \
+ if (!d) { \
+ if (plan.from_input) { \
+ pos = salsa20_tellu64(ctx); \
+ ASSIGN64(delta, plan.from_input/SALSA20_OUTSZ); \
+ ADD64(pos, pos, delta); \
+ salsa20_seeku64(ctx, pos); \
} \
+ } else if (!s) while (plan.from_input) { \
+ core(r, ctx->a, b); SALSA20_STEP(ctx->a); \
+ SALSA20_GENFULL(b, d); plan.from_input -= SALSA20_OUTSZ; \
+ } else while (plan.from_input) { \
+ core(r, ctx->a, b); SALSA20_STEP(ctx->a); \
+ SALSA20_MIXFULL(b, d, s); plan.from_input -= SALSA20_OUTSZ; \
} \
\
- if (sz) { \
- core(r, ctx->a, b); \
- SALSA20_STEP(ctx->a); \
+ if (plan.tail) { \
+ core(r, ctx->a, b); SALSA20_STEP(ctx->a); \
SALSA20_PREPBUF(ctx, b); \
- SALSA20_OUTBUF(ctx, d, s, sz); \
- assert(!sz); \
+ SALSA20_OUTBUF(ctx, d, s, plan.tail); \
} \
}
SALSA20_VARS(DEFENCRYPT)
void XSALSA20_INIT(r, XSALSA20_CTX(r) *ctx, \
const void *key, size_t ksz, const void *nonce) \
{ \
- static const octet zerononce[XSALSA20_NONCESZ]; \
- \
populate(ctx->k, key, ksz); \
ctx->s.a[ 0] = SALSA20_A256; \
ctx->s.a[ 1] = SALSA20_B256; \
#include <stdio.h>
#include <string.h>
+#include <mLib/macros.h>
#include <mLib/quis.h>
#include <mLib/testrig.h>
+#ifdef ENABLE_ASM_DEBUG
+# include "regdump.h"
+#endif
+
static const int perm[] = {
0, 13, 10, 7,
4, 1, 14, 11,
} \
for (i = 0; i < SALSA20_OUTSZ/4; i++) STORE32_L(d.buf + 4*i, b[i]); \
\
- if (d.len != v[2].len || memcmp(d.buf, v[2].buf, v[2].len) != 0) { \
+ if (d.len != v[2].len || MEMCMP(d.buf, !=, v[2].buf, v[2].len)) { \
ok = 0; \
printf("\nfail core:" \
"\n\titerations = %d" \
} \
if (sz) BASE##_ENCRYPT(r, &ctx, p, q, sz); \
\
- if (d.len != v[5].len || memcmp(d.buf, v[5].buf, v[5].len) != 0) { \
+ if (d.len != v[5].len || MEMCMP(d.buf, !=, v[5].buf, v[5].len)) { \
ok = 0; \
printf("\nfail encrypt:" \
"\n\tstep = %lu" \
/* Test driver entry point.  When ENABLE_ASM_DEBUG is defined,
 * regdump_init() is called first; test_run() is then given the command
 * line, the @defs@ table and the vector file SRCDIR "/t/salsa20".
 * Returns zero once test_run() returns.
 */
int main(int argc, char *argv[])
{
+#ifdef ENABLE_ASM_DEBUG
+ regdump_init();
+#endif
test_run(argc, argv, defs, SRCDIR"/t/salsa20");
return (0);
}