sm4: ppc64x uses VPERMXOR to implement Affine Transform

sm4/aesni_macros_ppc64x.s

@@ -1,14 +1,12 @@
 #define LOAD_CONSTS(baseAddrReg, offsetReg) \
 	LXVD2X (baseAddrReg)(R0), REVERSE_WORDS; \
 	MOVD $0x10, offsetReg; \
-	LXVD2X (baseAddrReg)(offsetReg), NIBBLE_MASK; \
-	MOVD $0x20, offsetReg; \
 	LXVD2X (baseAddrReg)(offsetReg), M1L; \
-	MOVD $0x30, offsetReg; \
+	MOVD $0x20, offsetReg; \
 	LXVD2X (baseAddrReg)(offsetReg), M1H; \
-	MOVD $0x40, offsetReg; \
+	MOVD $0x30, offsetReg; \
 	LXVD2X (baseAddrReg)(offsetReg), M2L; \
-	MOVD $0x50, offsetReg; \
+	MOVD $0x40, offsetReg; \
 	LXVD2X (baseAddrReg)(offsetReg), M2H
 
 #ifdef GOARCH_ppc64le
@@ -76,40 +74,13 @@
 	XXPERMDI TMP3, TMP2, $0, T1; \
 	XXPERMDI TMP3, TMP2, $3, T3
 
-// Affine Transform
-// parameters:
-// -  L: table low nibbles
-// -  H: table high nibbles
-// -  x: 128 bits register as sbox input/output data
-// -  y: 128 bits temp register
-// -  z: 128 bits temp register
-#define AFFINE_TRANSFORM(L, H, V_FOUR, x, y, z)  \
-	VPERMXOR H, L, x, x
-
-// Affine Transform
-// parameters:
-// -  L: table low nibbles
-// -  H: table high nibbles
-// -  x: 128 bits register as sbox input/output data
-// -  y: 128 bits temp register
-// -  z: 128 bits temp register
-#define AFFINE_TRANSFORM_NOTX(L, H, V_FOUR, x, y, z)  \
-	VNOR  x, x, z;                       \ // z = NOT(x)
-	VAND  NIBBLE_MASK, z, z;             \	
-	VPERM L, L, z, y;                    \
-	VSRB x, V_FOUR, z;                   \
-	VPERM H, H, z, x;                    \
-	VXOR y, x, x
-
 // SM4 sbox function
 // parameters:
 // -  x: 128 bits register as sbox input/output data
-// -  y: 128 bits temp register
+#define SM4_SBOX(x)                    \
-// -  z: 128 bits temp register
+	VPERMXOR M1H, M1L, x, x;           \
-#define SM4_SBOX(x, y, z) \
-	AFFINE_TRANSFORM(M1L, M1H, V_FOUR, x, y, z); \
 	VSBOX x, x;                        \
-	AFFINE_TRANSFORM(M2L, M2H, V_FOUR, x, y, z)
+	VPERMXOR M2H, M2L, x, x
 
 // SM4 TAO L1 function
 // parameters:
@@ -118,7 +89,7 @@
 // -  tmp2: 128 bits temp register
 // -  tmp3: 128 bits temp register
 #define SM4_TAO_L1(x, tmp1, tmp2, tmp3)     \
-	SM4_SBOX(x, tmp1, tmp2);                      \
+	SM4_SBOX(x);                            \
 	;                                       \ //####################  4 parallel L1 linear transforms ##################//
 	VSPLTISW $8, tmp3;                      \
 	VRLW	x, tmp3, tmp1;                  \ // tmp1 = x <<< 8

sm4/asm_ppc64x.s

@@ -10,25 +10,21 @@ DATA ·rcon+0x00(SB)/8, $0x0b0a09080f0e0d0c // byte swap per word
 DATA ·rcon+0x08(SB)/8, $0x0302010007060504
 DATA ·rcon+0x10(SB)/8, $0x0c0d0e0f08090a0b // reverse words
 DATA ·rcon+0x18(SB)/8, $0x0405060700010203
-DATA ·rcon+0x20(SB)/8, $0x0F0F0F0F0F0F0F0F // nibble mask
+DATA ·rcon+0x20(SB)/8, $0x691CA0D5B6C37F0A // affine transform matrix m1 low
-DATA ·rcon+0x28(SB)/8, $0x0F0F0F0F0F0F0F0F
+DATA ·rcon+0x28(SB)/8, $0x53269AEF8CF94530
-DATA ·rcon+0x30(SB)/8, $0x691CA0D5B6C37F0A // affine transform matrix m1 low
+DATA ·rcon+0x30(SB)/8, $0x009837AF6CF45BC3 // affine transform matrix m1 high
-DATA ·rcon+0x38(SB)/8, $0x53269AEF8CF94530
+DATA ·rcon+0x38(SB)/8, $0xAB339C04C75FF068
-DATA ·rcon+0x40(SB)/8, $0x009837AF6CF45BC3 // affine transform matrix m1 high
+DATA ·rcon+0x40(SB)/8, $0x616EF1FE050A959A // affine transform matrix m2 low
-DATA ·rcon+0x48(SB)/8, $0xAB339C04C75FF068
+DATA ·rcon+0x48(SB)/8, $0xF5FA656A919E010E
-DATA ·rcon+0x50(SB)/8, $0x616EF1FE050A959A // affine transform matrix m2 low
+DATA ·rcon+0x50(SB)/8, $0x00A4E044CD692D89 // affine transform matrix m2 high
-DATA ·rcon+0x58(SB)/8, $0xF5FA656A919E010E
+DATA ·rcon+0x58(SB)/8, $0xA50145E168CC882C
-DATA ·rcon+0x60(SB)/8, $0x00A4E044CD692D89 // affine transform matrix m2 high
+GLOBL ·rcon(SB), RODATA, $96
-DATA ·rcon+0x68(SB)/8, $0xA50145E168CC882C
-GLOBL ·rcon(SB), RODATA, $112
 
 #define REVERSE_WORDS V19
 #define M1L V20
 #define M1H V21
 #define M2L V22
 #define M2H V23
-#define V_FOUR V24
-#define NIBBLE_MASK V29
 // For instruction emulation
 #define ESPERMW  V31 // Endian swapping permute into BE
 
@@ -40,7 +36,7 @@ GLOBL ·rcon(SB), RODATA, $112
 #include "aesni_macros_ppc64x.s"
 
 #define SM4_TAO_L2(x, y, z)         \
-	SM4_SBOX(x, y, z);                      \
+	SM4_SBOX(x);                            \
 	;                                       \ //####################  4 parallel L2 linear transforms ##################//
 	VSPLTISW $13, z;                        \
 	VRLW	x, z, y;                        \ // y = x <<< 13
@@ -60,7 +56,6 @@ GLOBL ·rcon(SB), RODATA, $112
 // func expandKeyAsm(key *byte, ck, enc, dec *uint32, inst int)
 TEXT ·expandKeyAsm(SB),NOSPLIT,$0
 	// prepare/load constants
-	VSPLTISB $4, V_FOUR;
 #ifdef NEEDS_PERMW
 	MOVD	$·rcon(SB), R4
 	LVX	(R4), ESPERMW
@@ -115,7 +110,6 @@ ksLoop:
 // func encryptBlockAsm(xk *uint32, dst, src *byte, inst int)
 TEXT ·encryptBlockAsm(SB),NOSPLIT,$0
 	// prepare/load constants
-	VSPLTISB $4, V_FOUR;
 #ifdef NEEDS_PERMW
 	MOVD	$·rcon(SB), R4
 	LVX	(R4), ESPERMW
@@ -156,7 +150,6 @@ encryptBlockLoop:
 // func encryptBlocksAsm(xk *uint32, dst, src []byte, inst int)
 TEXT ·encryptBlocksAsm(SB),NOSPLIT,$0
 	// prepare/load constants
-	VSPLTISB $4, V_FOUR;
 #ifdef NEEDS_PERMW
 	MOVD	$·rcon(SB), R4
 	LVX	(R4), ESPERMW

sm4/cbc_ppc64x.s

@@ -11,8 +11,6 @@
 #define M1H V21
 #define M2L V22
 #define M2H V23
-#define V_FOUR V24
-#define NIBBLE_MASK V29
 // For instruction emulation
 #define ESPERMW  V31 // Endian swapping permute into BE
 
@@ -45,7 +43,6 @@ TEXT ·decryptBlocksChain(SB),NOSPLIT,$0
 #define rk R5
 #define srcLen R6
 	// prepare/load constants
-	VSPLTISB $4, V_FOUR;
 #ifdef NEEDS_PERMW
 	MOVD	$·rcon(SB), R4
 	LVX	(R4), ESPERMW

sm4/ecb_ppc64x.s

@@ -11,8 +11,6 @@
 #define M1H V21
 #define M2L V22
 #define M2H V23
-#define V_FOUR V24
-#define NIBBLE_MASK V29
 // For instruction emulation
 #define ESPERMW  V31 // Endian swapping permute into BE
 
@@ -30,7 +28,6 @@ TEXT ·encryptSm4Ecb(SB),NOSPLIT,$0
 #define rk R5
 #define srcLen R6
 	// prepare/load constants
-	VSPLTISB $4, V_FOUR;
 #ifdef NEEDS_PERMW
 	MOVD	$·rcon(SB), R4
 	LVX	(R4), ESPERMW