linux/arch
Taehee Yoo ba3579e6e4 crypto: aria-avx - add AES-NI/AVX/x86_64/GFNI assembler implementation of aria cipher
The implementation is based on the 32-bit implementation of the aria.
Also, aria-avx process steps are similar to the camellia-avx.
1. Byteslice(16way)
2. Add-round-key.
3. Sbox
4. Diffusion layer.

Except for s-box, all steps are the same as the aria-generic
implementation. s-box step is very similar to camellia and
sm4 implementation.

There are 2 implementations for s-box step.
One is to use AES-NI and affine transformation, which is the same as
Camellia, sm4, and others.
Another is to use GFNI.
GFNI implementation is faster than AES-NI implementation.
So, it uses GFNI implementation if the running CPU supports GFNI.

There are 4 s-boxes in the ARIA and the 2 s-boxes are the same as
AES's s-boxes.

To calculate the first sbox, it just uses the aesenclast and then
inverts shift_row.
No more process is needed for this job because the first s-box is
the same as the AES encryption s-box.

To calculate the second sbox(invert of s1), it just uses the aesdeclast
and then inverts shift_row.
No more process is needed for this job because the second s-box is
the same as the AES decryption s-box.

To calculate the third s-box, it uses the aesenclast,
then affine transformation, which is combined AES inverse affine and
ARIA S2.

To calculate the last s-box, it uses the aesdeclast,
then affine transformation, which is combined X2 and AES forward affine.

The optimized third and last s-box logic and GFNI s-box logic are
implemented by Jussi Kivilinna.

The aria-generic implementation is based on a 32-bit implementation,
not an 8-bit implementation. The aria-avx Diffusion Layer implementation
is based on aria-generic implementation because 8-bit implementation is
not fit for parallel implementation but 32-bit is enough to fit for this.

Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2022-09-24 16:14:44 +08:00
alpha Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
arc Kbuild updates for v5.20 2022-08-10 10:40:41 -07:00
arm crypto: Kconfig - simplify cipher entries 2022-08-26 18:50:43 +08:00
arm64 crypto: arm64 - revert unintended config name change for CRYPTO_SHA1_ARM64_CE 2022-09-24 16:14:43 +08:00
csky Merge 'irq/loongarch', 'pci/ctrl/loongson' and 'pci/header-cleanup-immutable' 2022-08-11 21:06:14 +08:00
hexagon Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
ia64 Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
loongarch LoongArch changes for v5.20 2022-08-12 09:44:23 -07:00
m68k Fixes include: 2022-08-09 09:39:25 -07:00
microblaze - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
mips crypto: Kconfig - simplify cipher entries 2022-08-26 18:50:43 +08:00
nios2 nios2: drop definition of PGD_ORDER 2022-07-17 17:14:43 -07:00
openrisc Updates to various subsystems which I help look after. lib, ocfs2, 2022-08-07 10:03:24 -07:00
parisc Merge 'irq/loongarch', 'pci/ctrl/loongson' and 'pci/header-cleanup-immutable' 2022-08-11 21:06:14 +08:00
powerpc crypto: Kconfig - simplify cipher entries 2022-08-26 18:50:43 +08:00
riscv RISC-V Patches for the 5.20 Merge Window, Part 2 2022-08-12 18:39:43 -07:00
s390 crypto: Kconfig - simplify cipher entries 2022-08-26 18:50:43 +08:00
sh Merge 'irq/loongarch', 'pci/ctrl/loongson' and 'pci/header-cleanup-immutable' 2022-08-11 21:06:14 +08:00
sparc crypto: Kconfig - simplify cipher entries 2022-08-26 18:50:43 +08:00
um virtio: fatures, fixes 2022-08-12 09:50:34 -07:00
x86 crypto: aria-avx - add AES-NI/AVX/x86_64/GFNI assembler implementation of aria cipher 2022-09-24 16:14:44 +08:00
xtensa Merge 'irq/loongarch', 'pci/ctrl/loongson' and 'pci/header-cleanup-immutable' 2022-08-11 21:06:14 +08:00
.gitignore
Kconfig asm-generic: updates for 6.0 2022-08-05 10:07:23 -07:00