Crypto++ 8.2
Free C&
aria_simd.cpp
1// aria_simd.cpp - written and placed in the public domain by
2// Jeffrey Walton, Uri Blumenthal and Marcel Raad.
3//
4// This source file uses intrinsics to gain access to ARMv7a and
5// ARMv8a NEON instructions. A separate source file is needed
6// because additional CXXFLAGS are required to enable the
7// appropriate instructions sets in some build configurations.
8
9#include "pch.h"
10#include "config.h"
11#include "misc.h"
12
13#if (CRYPTOPP_SSSE3_AVAILABLE)
14# include <tmmintrin.h>
15#endif
16
17// C1189: error: This header is specific to ARM targets
18#if (CRYPTOPP_ARM_NEON_AVAILABLE) && !defined(_M_ARM64)
19# include <arm_neon.h>
20#endif
21
22#if (CRYPTOPP_ARM_ACLE_AVAILABLE)
23# include <stdint.h>
24# include <arm_acle.h>
25#endif
26
27// Clang __m128i casts, http://bugs.llvm.org/show_bug.cgi?id=20670
28#define M128_CAST(x) ((__m128i *)(void *)(x))
29#define CONST_M128_CAST(x) ((const __m128i *)(const void *)(x))
30
31NAMESPACE_BEGIN(CryptoPP)
32NAMESPACE_BEGIN(ARIATab)
33
34extern const word32 S1[256];
35extern const word32 S2[256];
36extern const word32 X1[256];
37extern const word32 X2[256];
38extern const word32 KRK[3][4];
39
40NAMESPACE_END
41NAMESPACE_END
42
43ANONYMOUS_NAMESPACE_BEGIN
44
45using CryptoPP::byte;
46using CryptoPP::word32;
47
48inline byte ARIA_BRF(const word32 x, const int y) {
49 return static_cast<byte>(GETBYTE(x, y));
50}
51
52ANONYMOUS_NAMESPACE_END
53
54NAMESPACE_BEGIN(CryptoPP)
55
56using CryptoPP::ARIATab::S1;
57using CryptoPP::ARIATab::S2;
58using CryptoPP::ARIATab::X1;
59using CryptoPP::ARIATab::X2;
60using CryptoPP::ARIATab::KRK;
61
62#if (CRYPTOPP_ARM_NEON_AVAILABLE)
63
64template <unsigned int N>
65inline void ARIA_GSRK_NEON(const uint32x4_t X, const uint32x4_t Y, byte RK[16])
66{
67 enum { Q1 = (4-(N/32)) % 4,
68 Q2 = (3-(N/32)) % 4,
69 R = N % 32
70 };
71
72 vst1q_u8(RK, vreinterpretq_u8_u32(
73 veorq_u32(X, veorq_u32(
74 vshrq_n_u32(vextq_u32(Y, Y, Q1), R),
75 vshlq_n_u32(vextq_u32(Y, Y, Q2), 32-R)))));
76}
77
78void ARIA_UncheckedSetKey_Schedule_NEON(byte* rk, word32* ws, unsigned int keylen)
79{
80 const uint32x4_t w0 = vld1q_u32(ws+ 0);
81 const uint32x4_t w1 = vld1q_u32(ws+ 8);
82 const uint32x4_t w2 = vld1q_u32(ws+12);
83 const uint32x4_t w3 = vld1q_u32(ws+16);
84
85 ARIA_GSRK_NEON<19>(w0, w1, rk + 0);
86 ARIA_GSRK_NEON<19>(w1, w2, rk + 16);
87 ARIA_GSRK_NEON<19>(w2, w3, rk + 32);
88 ARIA_GSRK_NEON<19>(w3, w0, rk + 48);
89 ARIA_GSRK_NEON<31>(w0, w1, rk + 64);
90 ARIA_GSRK_NEON<31>(w1, w2, rk + 80);
91 ARIA_GSRK_NEON<31>(w2, w3, rk + 96);
92 ARIA_GSRK_NEON<31>(w3, w0, rk + 112);
93 ARIA_GSRK_NEON<67>(w0, w1, rk + 128);
94 ARIA_GSRK_NEON<67>(w1, w2, rk + 144);
95 ARIA_GSRK_NEON<67>(w2, w3, rk + 160);
96 ARIA_GSRK_NEON<67>(w3, w0, rk + 176);
97 ARIA_GSRK_NEON<97>(w0, w1, rk + 192);
98
99 if (keylen > 16)
100 {
101 ARIA_GSRK_NEON<97>(w1, w2, rk + 208);
102 ARIA_GSRK_NEON<97>(w2, w3, rk + 224);
103
104 if (keylen > 24)
105 {
106 ARIA_GSRK_NEON< 97>(w3, w0, rk + 240);
107 ARIA_GSRK_NEON<109>(w0, w1, rk + 256);
108 }
109 }
110}
111
112void ARIA_ProcessAndXorBlock_NEON(const byte* xorBlock, byte* outBlock, const byte *rk, word32 *t)
113{
114 outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)] );
115 outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
116 outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)] );
117 outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)] );
118 outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)] );
119 outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
120 outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)] );
121 outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)] );
122 outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)] );
123 outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
124 outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)] );
125 outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)] );
126 outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)] );
127 outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
128 outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)] );
129 outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)] );
130
131 // 'outBlock' and 'xorBlock' may be unaligned.
132 if (xorBlock != NULLPTR)
133 {
134 vst1q_u8(outBlock,
135 veorq_u8(
136 vld1q_u8(xorBlock),
137 veorq_u8(
138 vld1q_u8(outBlock),
139 vrev32q_u8(vld1q_u8((rk))))));
140 }
141 else
142 {
143 vst1q_u8(outBlock,
144 veorq_u8(
145 vld1q_u8(outBlock),
146 vrev32q_u8(vld1q_u8(rk))));
147 }
148}
149
150#endif // CRYPTOPP_ARM_NEON_AVAILABLE
151
152#if (CRYPTOPP_SSSE3_AVAILABLE)
153
154void ARIA_ProcessAndXorBlock_SSSE3(const byte* xorBlock, byte* outBlock, const byte *rk, word32 *t)
155{
156 const __m128i MASK = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
157
158 outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)] );
159 outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
160 outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)] );
161 outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)] );
162 outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)] );
163 outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
164 outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)] );
165 outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)] );
166 outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)] );
167 outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
168 outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)] );
169 outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)] );
170 outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)] );
171 outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
172 outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)] );
173 outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)] );
174
175 // 'outBlock' and 'xorBlock' may be unaligned.
176 if (xorBlock != NULLPTR)
177 {
178 _mm_storeu_si128(M128_CAST(outBlock),
179 _mm_xor_si128(
180 _mm_loadu_si128(CONST_M128_CAST(xorBlock)),
181 _mm_xor_si128(
182 _mm_loadu_si128(CONST_M128_CAST(outBlock)),
183 _mm_shuffle_epi8(_mm_load_si128(CONST_M128_CAST(rk)), MASK)))
184 );
185 }
186 else
187 {
188 _mm_storeu_si128(M128_CAST(outBlock),
189 _mm_xor_si128(_mm_loadu_si128(CONST_M128_CAST(outBlock)),
190 _mm_shuffle_epi8(_mm_load_si128(CONST_M128_CAST(rk)), MASK)));
191 }
192}
193
194#endif // CRYPTOPP_SSSE3_AVAILABLE
195
196NAMESPACE_END
Library configuration file.
Utility functions for the Crypto++ library.
Crypto++ library namespace.
Precompiled header file.