From 4ed467a7d4ed37d41e9da72cc1c11cf3c7213984 Mon Sep 17 00:00:00 2001 From: Emman Date: Thu, 13 Jan 2022 09:00:08 +0800 Subject: [PATCH] [SM4] fallback again --- sm4/gcm_arm64.s | 33 +++++++-------------------------- sm4/sm4_gcm_arm64.go | 6 ++++-- sm4/sm4_gcm_test.go | 4 ++-- 3 files changed, 13 insertions(+), 30 deletions(-) diff --git a/sm4/gcm_arm64.s b/sm4/gcm_arm64.s index 40bef73..c436206 100644 --- a/sm4/gcm_arm64.s +++ b/sm4/gcm_arm64.s @@ -153,14 +153,14 @@ TEXT ·gcmSm4Finish(SB),NOSPLIT,$0 SM4_TAO_L1(x, y, z, z1, z2); \ VEOR x.B16, t0.B16, t0.B16 -// func gcmSm4Init(productTable *[256]byte, rk []uint32) -TEXT ·gcmSm4Init(SB),NOSPLIT,$0 +// func precomputeTableAsm(productTable *[256]byte, src *[16]byte) +TEXT ·precomputeTableAsm(SB),NOSPLIT,$0 #define pTbl R0 -#define RK R1 +#define SRC R1 #define I R2 MOVD productTable+0(FP), pTbl - MOVD rk+8(FP), RK + MOVD src+8(FP), SRC MOVD $0xC2, I LSL $56, I @@ -169,27 +169,8 @@ TEXT ·gcmSm4Init(SB),NOSPLIT,$0 VMOV I, POLY.D[1] VEOR ZERO.B16, ZERO.B16, ZERO.B16 - // Encrypt block 0 with the SM4 keys to generate the hash key H - VEOR B0.B16, B0.B16, B0.B16 - VEOR B1.B16, B1.B16, B1.B16 - VEOR B2.B16, B2.B16, B2.B16 - VEOR B3.B16, B3.B16, B3.B16 - EOR R3, R3 - -sm4InitEncLoop: - SM4_ROUND(0, RK, K0, K1, K2, K3, K4, B0, B1, B2, B3) - SM4_ROUND(1, RK, K0, K1, K2, K3, K4, B1, B2, B3, B0) - SM4_ROUND(2, RK, K0, K1, K2, K3, K4, B2, B3, B0, B1) - SM4_ROUND(3, RK, K0, K1, K2, K3, K4, B3, B0, B1, B2) - - ADD $16, R3 - CMP $128, R3 - BNE sm4InitEncLoop - - VMOV B0.S[0], B0.S[2] - VMOV B1.S[0], B0.S[3] - VMOV B2.S[0], B0.S[0] - VMOV B3.S[0], B0.S[1] + VLD1 (SRC), [B0.B16] + VREV64 B0.B16, B0.B16 // Multiply by 2 modulo P VMOV B0.D[0], I @@ -247,7 +228,7 @@ initLoop: BNE initLoop RET #undef I -#undef RK +#undef SRC #undef pTbl // func gcmSm4Data(productTable *[256]byte, data []byte, T *[16]byte) diff --git a/sm4/sm4_gcm_arm64.go b/sm4/sm4_gcm_arm64.go index 9949176..ed4dd8b 100644 --- a/sm4/sm4_gcm_arm64.go +++ b/sm4/sm4_gcm_arm64.go @@ -21,7 +21,7 @@ type sm4CipherGCM struct { var _ gcmAble = (*sm4CipherGCM)(nil) //go:noescape -func gcmSm4Init(productTable *[256]byte, rk []uint32) +func precomputeTableAsm(productTable *[256]byte, src *[16]byte) //go:noescape func gcmSm4Data(productTable *[256]byte, data []byte, T *[16]byte) @@ -41,7 +41,9 @@ func (c *sm4CipherGCM) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { g.cipher = &c.sm4CipherAsm g.nonceSize = nonceSize g.tagSize = tagSize - gcmSm4Init(&g.bytesProductTable, g.cipher.enc) + var key [gcmBlockSize]byte + c.Encrypt(key[:], key[:]) + precomputeTableAsm(&g.bytesProductTable, &key) return g, nil } diff --git a/sm4/sm4_gcm_test.go b/sm4/sm4_gcm_test.go index 75acca9..4b7c7f1 100644 --- a/sm4/sm4_gcm_test.go +++ b/sm4/sm4_gcm_test.go @@ -1,5 +1,5 @@ -//go:build amd64 || arm64 -// +build amd64 arm64 +//go:build amd64 +// +build amd64 package sm4