chacha20-arm: go with Ard's version to optimize for Cortex-A7

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2018-09-20 16:31:01 +0200
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2018-09-21 16:05:22 +0200
commit: f61fb1b86c28225353ee67802b512c8529d21fb0 (patch)
tree: 19ed9b2463f47fca15b706d82faf8080a5c28742 /src/crypto/include/zinc
parent: 08edd02db06f9dd424bc023703fed8ea8c42c97d (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/crypto/include/zinc/chacha20.h b/src/crypto/include/zinc/chacha20.h
index 455c431..276bdba 100644
--- a/src/crypto/include/zinc/chacha20.h
+++ b/src/crypto/include/zinc/chacha20.h
@@ -20,7 +20,16 @@ enum {
 	HCHACHA20_NONCE_SIZE = 16
 };
 
+enum {
+	/* expand 32-byte k */
+	CHACHA20_CONSTANT_EXPA = 0x61707865U,
+	CHACHA20_CONSTANT_ND_3 = 0x3320646eU,
+	CHACHA20_CONSTANT_2_BY = 0x79622d32U,
+	CHACHA20_CONSTANT_TE_K = 0x6b206574U
+};
+
 struct chacha20_ctx {
+	u32 constant[4];
 	u32 key[8];
 	u32 counter[4];
 } __aligned(32);
@@ -29,6 +38,10 @@ static inline void chacha20_init(struct chacha20_ctx *state,
 				 const u8 key[CHACHA20_KEY_SIZE],
 				 const u64 nonce)
 {
+	state->constant[0] = CHACHA20_CONSTANT_EXPA;
+	state->constant[1] = CHACHA20_CONSTANT_ND_3;
+	state->constant[2] = CHACHA20_CONSTANT_2_BY;
+	state->constant[3] = CHACHA20_CONSTANT_TE_K;
 	state->key[0] = get_unaligned_le32(key + 0);
 	state->key[1] = get_unaligned_le32(key + 4);
 	state->key[2] = get_unaligned_le32(key + 8);
author	Jason A. Donenfeld <Jason@zx2c4.com>	2018-09-20 16:31:01 +0200
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2018-09-21 16:05:22 +0200
commit	f61fb1b86c28225353ee67802b512c8529d21fb0 (patch)
tree	19ed9b2463f47fca15b706d82faf8080a5c28742 /src/crypto/include/zinc
parent	08edd02db06f9dd424bc023703fed8ea8c42c97d (diff)