mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21175 Commits
28 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
rspamd/contrib/libottery/aes_cryptobox.c

aes_cryptobox.c 6.0KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181 
  1. /*

  2.  * Copyright (c) 2017, Vsevolod Stakhov

  3.  * Copyright (c) 2017, Frank Denis

  4.  * All rights reserved.

  5.  *

  6.  * Redistribution and use in source and binary forms, with or without

  7.  * modification, are permitted provided that the following conditions are met:

  8.  *	 * Redistributions of source code must retain the above copyright

  9.  *	   notice, this list of conditions and the following disclaimer.

  10.  *	 * Redistributions in binary form must reproduce the above copyright

  11.  *	   notice, this list of conditions and the following disclaimer in the

  12.  *	   documentation and/or other materials provided with the distribution.

  13.  *

  14.  * THIS SOFTWARE IS PROVIDED BY AUTHOR ''AS IS'' AND ANY

  15.  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

  16.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

  17.  * DISCLAIMED. IN NO EVENT SHALL AUTHOR BE LIABLE FOR ANY

  18.  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

  19.  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  20.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

  21.  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

  22.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

  23.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  24.  */

  25. 

  26. #include "config.h"

  27. #include "ottery-internal.h"

  28. #include "cryptobox.h"

  29. 

  30. #if defined(__x86_64__) && defined(RSPAMD_HAS_TARGET_ATTR)

  31. #if defined(__GNUC__) && !defined(__clang__)

  32. #pragma GCC push_options

  33. #pragma GCC target("aes")

  34. #endif

  35. #ifndef __SSE2__

  36. #define __SSE2__

  37. #endif

  38. #ifndef __SSE__

  39. #define __SSE__

  40. #endif

  41. #ifndef __AES__

  42. #define __AES__

  43. #endif

  44. #include <immintrin.h>

  45. #define ROUNDS 10

  46. 

  47. typedef struct RSPAMD_ALIGNED(16) aes_rng_state {

  48. 	__m128i round_keys[ROUNDS + 1];

  49. 	__m128i counter;

  50. } aes_stream_state;

  51. 

  52. 

  53. #define STATE_LEN   sizeof(aes_stream_state)

  54. #define STATE_BYTES 16

  55. 

  56. #define OUTPUT_LEN  1024

  57. 

  58. static void

  59. aes_key_expand (__m128i round_keys[ROUNDS + 1], __m128i t) __attribute__((target("aes")));

  60. 

  61. static void

  62. aes_key_expand (__m128i round_keys[ROUNDS + 1], __m128i t)

  63. {

  64. 	__m128i t1;

  65. 

  66. #define DO_ROUND_KEY(ROUND, RC)                           \

  67.     do {                                                   \

  68.         t1 = _mm_aeskeygenassist_si128(t, (RC));           \

  69.         round_keys[ROUND] = t;                             \

  70.         t = _mm_xor_si128(t, _mm_slli_si128(t, 4));        \

  71.         t = _mm_xor_si128(t, _mm_slli_si128(t, 8));        \

  72.         t = _mm_xor_si128(t, _mm_shuffle_epi32(t1, 0xff)); \

  73.     } while (0)

  74. 

  75. 	DO_ROUND_KEY(0, 1);

  76. 	DO_ROUND_KEY(1, 2);

  77. 	DO_ROUND_KEY(2, 4);

  78. 	DO_ROUND_KEY(3, 8);

  79. 	DO_ROUND_KEY(4, 16);

  80. 	DO_ROUND_KEY(5, 32);

  81. 	DO_ROUND_KEY(6, 64);

  82. 	DO_ROUND_KEY(7, 128);

  83. 	DO_ROUND_KEY(8, 27);

  84. 	DO_ROUND_KEY(9, 54);

  85. 	round_keys[10] = t;

  86. }

  87. 

  88. /*

  89.  * Computes one 128 bytes block and refresh keys

  90.  */

  91. static void

  92. aes_round(unsigned char *buf, struct aes_rng_state *st) __attribute__((target("aes")));

  93. static void

  94. aes_round(unsigned char *buf, struct aes_rng_state *st)

  95. {

  96. 	const __m128i  one = _mm_set_epi64x(0, 1);

  97. 	__m128i *round_keys = st->round_keys;

  98. 	__m128i c0, c1, c2, c3, c4, c5, c6, c7;

  99. 	__m128i r0, r1, r2, r3, r4, r5, r6, r7;

  100. 	__m128i s0, s1, s2, s3, s4, s5, s6, s7;

  101. 	size_t i;

  102. 

  103. #define COMPUTE_ROUNDS(N)                                                              \

  104.     do {                                                                               \

  105.         r##N = _mm_aesenc_si128(   _mm_xor_si128(c##N, round_keys[0]), round_keys[1]); \

  106.         r##N = _mm_aesenc_si128(_mm_aesenc_si128(r##N, round_keys[2]), round_keys[3]); \

  107.         r##N = _mm_aesenc_si128(_mm_aesenc_si128(r##N, round_keys[4]), round_keys[5]); \

  108.         s##N = r##N;                                                                   \

  109.         r##N = _mm_aesenc_si128(_mm_aesenc_si128(r##N, round_keys[6]), round_keys[7]); \

  110.         r##N = _mm_aesenc_si128(_mm_aesenc_si128(r##N, round_keys[8]), round_keys[9]); \

  111.         r##N = _mm_xor_si128(s##N, _mm_aesenclast_si128(r##N, round_keys[10]));        \

  112.     } while (0)

  113. 

  114. 	c0 = st->counter;

  115. 

  116. 	for (i = 0; i < OUTPUT_LEN / 128; i ++) {

  117. 		c1 = _mm_add_epi64 (c0, one);

  118. 		c2 = _mm_add_epi64 (c1, one);

  119. 		c3 = _mm_add_epi64 (c2, one);

  120. 		c4 = _mm_add_epi64 (c3, one);

  121. 		c5 = _mm_add_epi64 (c4, one);

  122. 		c6 = _mm_add_epi64 (c5, one);

  123. 		c7 = _mm_add_epi64 (c6, one);

  124. 		COMPUTE_ROUNDS(0);

  125. 		COMPUTE_ROUNDS(1);

  126. 		COMPUTE_ROUNDS(2);

  127. 		COMPUTE_ROUNDS(3);

  128. 		COMPUTE_ROUNDS(4);

  129. 		COMPUTE_ROUNDS(5);

  130. 		COMPUTE_ROUNDS(6);

  131. 		COMPUTE_ROUNDS(7);

  132. 		c0 = _mm_add_epi64 (c7, one);

  133. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 0), r0);

  134. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 16), r1);

  135. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 32), r2);

  136. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 48), r3);

  137. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 64), r4);

  138. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 80), r5);

  139. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 96), r6);

  140. 		_mm_storeu_si128 ((__m128i *) (void *) (buf + 112), r7);

  141. 		buf += 128;

  142. 	}

  143. 

  144. 	st->counter = c0;

  145. 	c0 = _mm_setzero_si128();

  146. 	COMPUTE_ROUNDS(0);

  147. 	aes_key_expand(round_keys, r0);

  148. }

  149. 

  150. 

  151. static void

  152. aes_cryptobox_state_setup (void *state_, const uint8_t *bytes)

  153. {

  154. 	struct aes_rng_state *x = state_;

  155. 

  156. 	aes_key_expand (x->round_keys,

  157. 			_mm_loadu_si128((const __m128i *) (const void *)bytes));

  158. }

  159. 

  160. static void

  161. aes_cryptobox_generate (void *state_, uint8_t *output, uint32_t idx)

  162. {

  163. 	struct aes_rng_state *x = state_;

  164. 

  165. 	aes_round(output, x);

  166. }

  167. 

  168. #define PRF_AES(r) {                         \

  169.   "AES-" #r,                                  \

  170.   "AES-" #r "-NOSIMD",                        \

  171.   "AES-" #r "-NOSIMD-DEFAULT",                \

  172.   STATE_LEN,                                    \

  173.   STATE_BYTES,                                  \

  174.   OUTPUT_LEN,                                   \

  175.   OTTERY_CPUCAP_AES,                                            \

  176.   aes_cryptobox_state_setup,                    \

  177.   aes_cryptobox_generate               \

  178. }

  179. 

  180. const struct ottery_prf ottery_prf_aes_cryptobox_ = PRF_AES(128);

  181. #endif /* x86_64 */