authorJason A. Donenfeld <Jason@zx2c4.com>2018-09-20 16:31:01 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2018-09-21 16:05:22 +0200
commitf61fb1b86c28225353ee67802b512c8529d21fb0 (patch)
tree19ed9b2463f47fca15b706d82faf8080a5c28742 /src/crypto/zinc/chacha20/chacha20.c
parent08edd02db06f9dd424bc023703fed8ea8c42c97d (diff)
chacha20-arm: go with Ard's version to optimize for Cortex-A7
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/crypto/zinc/chacha20/chacha20.c')
-rw-r--r--src/crypto/zinc/chacha20/chacha20.c31
1 files changed, 12 insertions, 19 deletions
diff --git a/src/crypto/zinc/chacha20/chacha20.c b/src/crypto/zinc/chacha20/chacha20.c
index b843a73..ca50d0e 100644
--- a/src/crypto/zinc/chacha20/chacha20.c
+++ b/src/crypto/zinc/chacha20/chacha20.c
@@ -24,8 +24,8 @@
void __init chacha20_fpu_init(void)
{
}
-static inline bool chacha20_arch(u8 *out, const u8 *in, const size_t len,
- const u32 key[8], const u32 counter[4],
+static inline bool chacha20_arch(struct chacha20_ctx *state, u8 *out,
+ const u8 *in, const size_t len,
simd_context_t *simd_context)
{
return false;
@@ -37,8 +37,6 @@ static inline bool hchacha20_arch(u8 *derived_key, const u8 *nonce,
}
#endif
-#define EXPAND_32_BYTE_K 0x61707865U, 0x3320646eU, 0x79622d32U, 0x6b206574U
-
#define QUARTER_ROUND(x, a, b, c, d) ( \
x[a] += x[b], \
x[d] = rol32((x[d] ^ x[a]), 16), \
@@ -94,26 +92,20 @@ static void chacha20_block_generic(__le32 *stream, u32 *state)
++state[12];
}
-static void chacha20_generic(u8 *out, const u8 *in, u32 len, const u32 key[8],
- const u32 counter[4])
+static void chacha20_generic(struct chacha20_ctx *state, u8 *out, const u8 *in,
+ u32 len)
{
__le32 buf[CHACHA20_BLOCK_WORDS];
- u32 x[] = {
- EXPAND_32_BYTE_K,
- key[0], key[1], key[2], key[3],
- key[4], key[5], key[6], key[7],
- counter[0], counter[1], counter[2], counter[3]
- };
while (len >= CHACHA20_BLOCK_SIZE) {
- chacha20_block_generic(buf, x);
+ chacha20_block_generic(buf, (u32 *)state);
crypto_xor_cpy(out, in, (u8 *)buf, CHACHA20_BLOCK_SIZE);
len -= CHACHA20_BLOCK_SIZE;
out += CHACHA20_BLOCK_SIZE;
in += CHACHA20_BLOCK_SIZE;
}
if (len) {
- chacha20_block_generic(buf, x);
+ chacha20_block_generic(buf, (u32 *)state);
crypto_xor_cpy(out, in, (u8 *)buf, len);
}
}
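Review bot: The cast `(u32 *)state` passed to chacha20_block_generic() in both the loop and the tail call assumes struct chacha20_ctx is exactly sixteen contiguous u32 words in constant/key/counter order, and nothing in this hunk enforces that. The struct definition is outside this diff, so I would pin the assumption at compile time with something like `BUILD_BUG_ON(sizeof(*state) != CHACHA20_BLOCK_SIZE);` at the top of chacha20_generic(). A later field addition or reorder would then fail the build instead of silently producing a wrong keystream. Separately, `buf` still holds raw keystream on the stack when the function returns; if that matters for this threat model, `memzero_explicit(buf, sizeof(buf));` before the closing brace would clear it.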
@@ -121,10 +113,8 @@ static void chacha20_generic(u8 *out, const u8 *in, u32 len, const u32 key[8],
void chacha20(struct chacha20_ctx *state, u8 *dst, const u8 *src, u32 len,
simd_context_t *simd_context)
{
- if (!chacha20_arch(dst, src, len, state->key, state->counter,
- simd_context))
- chacha20_generic(dst, src, len, state->key, state->counter);
- state->counter[0] += (len + 63) / 64;
+ if (!chacha20_arch(state, dst, src, len, simd_context))
+ chacha20_generic(state, dst, src, len);
}
EXPORT_SYMBOL(chacha20);
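Review bot: With `state->counter[0] += (len + 63) / 64;` removed, chacha20() depends on whichever path ran to advance the block counter inside `state`, and that contract is not documented in this hunk. The generic path does so through `++state[12]` in chacha20_block_generic(), but every chacha20_arch() implementation (not shown in this file's diff) has to do the same when it returns true. Otherwise a following call on the same context would reuse keystream under the same key and nonce. I would add a comment above chacha20() along the lines of `/* chacha20_arch() and chacha20_generic() must advance state->counter by DIV_ROUND_UP(len, CHACHA20_BLOCK_SIZE) blocks. */`.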
@@ -133,7 +123,10 @@ static void hchacha20_generic(u8 derived_key[CHACHA20_KEY_SIZE],
const u8 key[HCHACHA20_KEY_SIZE])
{
__le32 *out = (__force __le32 *)derived_key;
- u32 x[] = { EXPAND_32_BYTE_K,
+ u32 x[] = { CHACHA20_CONSTANT_EXPA,
+ CHACHA20_CONSTANT_ND_3,
+ CHACHA20_CONSTANT_2_BY,
+ CHACHA20_CONSTANT_TE_K,
get_unaligned_le32(key + 0),
get_unaligned_le32(key + 4),
get_unaligned_le32(key + 8),