Permalink
Browse files

supercop-20120908

  • Loading branch information...
Daniel J. Bernstein authored and floodyberry committed Sep 8, 2012
1 parent cfe0310 commit 688fad784999250e6e61aa2a35714c70dccf047e
Showing with 59,609 additions and 218 deletions.
  1. +1 −0 crypto_auth/pyrhash/checksum
  2. +1 −15 crypto_auth/pyrhash/little/verify.c
  3. +1 −17 crypto_auth/siphash24/little/siphash.c
  4. +2 −0 crypto_auth/siphash24/little2/api.h
  5. +1 −0 crypto_auth/siphash24/little2/implementors
  6. +55 −0 crypto_auth/siphash24/little2/siphash.c
  7. +9 −0 crypto_auth/siphash24/little2/verify.c
  8. +1 −18 crypto_auth/siphash24/mmx/siphash.c
  9. +1 −16 crypto_auth/siphash24/ref_le/verify.c
  10. +1 −17 crypto_auth/siphash24/sandy/siphash.c
  11. +2 −0 crypto_auth/siphash24/sandy2/api.h
  12. +1 −0 crypto_auth/siphash24/sandy2/implementors
  13. +60 −0 crypto_auth/siphash24/sandy2/siphash.c
  14. +9 −0 crypto_auth/siphash24/sandy2/verify.c
  15. +1 −17 crypto_auth/siphash24/sse2-1/siphash.c
  16. +1 −17 crypto_auth/siphash24/sse41/siphash.c
  17. +1 −16 crypto_auth/siphash48/little/siphash.c
  18. +1 −17 crypto_auth/siphash48/mmx/siphash.c
  19. +1 −16 crypto_auth/siphash48/ref_le/verify.c
  20. +1 −17 crypto_auth/siphash48/sandy/siphash.c
  21. +1 −17 crypto_auth/siphash48/sse2-1/siphash.c
  22. +1 −17 crypto_auth/siphash48/sse41/siphash.c
  23. +7 −0 crypto_onetimeauth/poly1305/neon2/Makefile
  24. +118 −0 crypto_onetimeauth/poly1305/neon2/addmulmod.q
  25. +496 −0 crypto_onetimeauth/poly1305/neon2/addmulmod.s
  26. +2 −0 crypto_onetimeauth/poly1305/neon2/architectures
  27. +195 −0 crypto_onetimeauth/poly1305/neon2/auth.c
  28. +427 −0 crypto_onetimeauth/poly1305/neon2/blocks.q
  29. +1,517 −0 crypto_onetimeauth/poly1305/neon2/blocks.s
  30. +2 −0 crypto_onetimeauth/poly1305/neon2/implementors
  31. +3 −0 crypto_stream/aes128ctr/neon/api.h
  32. +2 −0 crypto_stream/aes128ctr/neon/architectures
  33. +795 −0 crypto_stream/aes128ctr/neon/common.pq
  34. +238 −0 crypto_stream/aes128ctr/neon/crypto_stream_afternm.pq
  35. +3,007 −0 crypto_stream/aes128ctr/neon/crypto_stream_afternm.q
  36. +12,251 −0 crypto_stream/aes128ctr/neon/crypto_stream_afternm.s
  37. +58 −0 crypto_stream/aes128ctr/neon/crypto_stream_beforenm.pq
  38. +3,235 −0 crypto_stream/aes128ctr/neon/crypto_stream_beforenm.q
  39. +14,454 −0 crypto_stream/aes128ctr/neon/crypto_stream_beforenm.s
  40. +283 −0 crypto_stream/aes128ctr/neon/crypto_stream_xor_afternm.pq
  41. +3,051 −0 crypto_stream/aes128ctr/neon/crypto_stream_xor_afternm.q
  42. +12,407 −0 crypto_stream/aes128ctr/neon/crypto_stream_xor_afternm.s
  43. +6 −0 crypto_stream/aes128ctr/neon/do
  44. +3 −0 crypto_stream/aes128ctr/neon/implementors
  45. +71 −0 crypto_stream/aes128ctr/neon/stream.c
  46. +5 −0 crypto_stream/salsa20/armneon6/Makefile
  47. +2 −0 crypto_stream/salsa20/armneon6/api.h
  48. +2 −0 crypto_stream/salsa20/armneon6/architectures
  49. +3 −0 crypto_stream/salsa20/armneon6/implementors
  50. +16 −0 crypto_stream/salsa20/armneon6/stream.c
  51. +1,167 −0 crypto_stream/salsa20/armneon6/xor.q
  52. +4,717 −0 crypto_stream/salsa20/armneon6/xor.s
  53. +897 −0 crypto_stream/salsa20/armneon6/xor.s.pure
  54. +1 −0 crypto_verify/8/checksum
  55. +1 −0 crypto_verify/8/ref/api.h
  56. +16 −0 crypto_verify/8/ref/verify.c
  57. 0 crypto_verify/8/used
  58. +1 −1 version
@@ -0,0 +1 @@
+2c9de82f6d0b86fb
@@ -1,19 +1,5 @@
#include "crypto_auth.h"
-
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
+#include "crypto_verify_8.h"
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
@@ -1,10 +1,10 @@
-
#include <stdlib.h>
#include "crypto_auth.h"
#include "crypto_uint64.h"
#include "crypto_uint32.h"
#include "crypto_uint8.h"
+#include "crypto_verify_8.h"
typedef crypto_uint64 u64;
typedef crypto_uint32 u32;
@@ -92,22 +92,6 @@ int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long in
}
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
-
-
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
u8 correct[8];
@@ -0,0 +1,2 @@
+#define CRYPTO_BYTES 8
+#define CRYPTO_KEYBYTES 16
@@ -0,0 +1 @@
+Daniel J. Bernstein
@@ -0,0 +1,55 @@
+#include "crypto_auth.h"
+#include "crypto_uint64.h"
+typedef crypto_uint64 uint64;
+
+#define ROTATE(x,b) x = (x << b) | (x >> (64 - b))
+
+#define ROUND \
+ v0 += v1; v2 += v3; \
+ ROTATE(v1,13); ROTATE(v3,16); \
+ v1 ^= v0; v3 ^= v2; \
+ ROTATE(v0,32); \
+ v2 += v1; v0 += v3; \
+ ROTATE(v1,17); ROTATE(v3,21); \
+ v1 ^= v2; v3 ^= v0; \
+ ROTATE(v2,32);
+
+int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
+{
+ uint64 v0 = *(uint64 *) (k);
+ uint64 v1 = *(uint64 *) (k + 8);
+ uint64 lastblock = inlen << 56;
+ uint64 v2 = v0;
+ uint64 v3 = v1;
+ int i;
+
+ v0 ^= 0x736f6d6570736575;
+ v1 ^= 0x646f72616e646f6d;
+ v2 ^= 0x6c7967656e657261;
+ v3 ^= 0x7465646279746573;
+
+ while (inlen >= 8) { /* floor(inlen/8) normal loops */
+ uint64 mi = *(uint64 *) in;
+ in += 8;
+ v3 ^= mi;
+ ROUND
+ ROUND
+ v0 ^= mi;
+ inlen -= 8;
+ }
+ /* now inlen <= 7; 1 extra loop; total loops: ceil((inlen+1)/8) */
+ for (i = 0;i < inlen;++i) i[(char *) &lastblock] = i[in];
+ v3 ^= lastblock;
+ ROUND
+ ROUND
+ v0 ^= lastblock;
+
+ v2 ^= 0xff;
+ ROUND
+ ROUND
+ ROUND
+ ROUND
+ *(uint64 *) out = (v0 ^ v1) ^ (v2 ^ v3);
+
+ return 0;
+}
@@ -0,0 +1,9 @@
+#include "crypto_auth.h"
+#include "crypto_verify_8.h"
+
+int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
+{
+ unsigned char correct[8];
+ crypto_auth(correct,in,inlen,k);
+ return crypto_verify_8(h,correct);
+}
@@ -1,12 +1,11 @@
-
#include <mmintrin.h>
#include <emmintrin.h>
-
#include "crypto_auth.h"
#include "crypto_uint64.h"
#include "crypto_uint32.h"
#include "crypto_uint8.h"
+#include "crypto_verify_8.h"
typedef crypto_uint64 u64;
typedef crypto_uint32 u32;
@@ -103,22 +102,6 @@ int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long in
}
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
-
-
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
u8 correct[8];
@@ -1,20 +1,5 @@
#include "crypto_auth.h"
-
-static int crypto_verify_8( const unsigned char *x, const unsigned char *y )
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F( 0 )
- F( 1 )
- F( 2 )
- F( 3 )
- F( 4 )
- F( 5 )
- F( 6 )
- F( 7 )
- return ( 1 & ( ( differentbits - 1 ) >> 8 ) ) - 1;
-}
-
+#include "crypto_verify_8.h"
int crypto_auth_verify( const unsigned char *h, const unsigned char *in, unsigned long long inlen, const unsigned char *k )
{
@@ -4,6 +4,7 @@
#include "crypto_uint64.h"
#include "crypto_uint32.h"
#include "crypto_uint8.h"
+#include "crypto_verify_8.h"
typedef crypto_uint64 u64;
typedef crypto_uint32 u32;
@@ -97,23 +98,6 @@ int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long in
return 0;
}
-
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
-
-
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
u8 correct[8];
@@ -0,0 +1,2 @@
+#define CRYPTO_BYTES 8
+#define CRYPTO_KEYBYTES 16
@@ -0,0 +1 @@
+Daniel J. Bernstein
@@ -0,0 +1,60 @@
+#include "crypto_auth.h"
+#include "crypto_uint64.h"
+typedef crypto_uint64 uint64;
+
+#define ROTATE(x,n) ({ \
+ register uint64 __out; \
+ register uint64 __in = x; \
+ __asm__ ("shld %2,%0,%0" : "=r"(__out) : "0"(__in), "i"(n)); \
+ x = __out; \
+ })
+
+#define ROUND \
+ v0 += v1; v2 += v3; \
+ ROTATE(v1,13); ROTATE(v3,16); \
+ v1 ^= v0; v3 ^= v2; \
+ ROTATE(v0,32); \
+ v2 += v1; v0 += v3; \
+ ROTATE(v1,17); ROTATE(v3,21); \
+ v1 ^= v2; v3 ^= v0; \
+ ROTATE(v2,32);
+
+int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
+{
+ uint64 v0 = *(uint64 *) (k);
+ uint64 v1 = *(uint64 *) (k + 8);
+ uint64 lastblock = inlen << 56;
+ uint64 v2 = v0;
+ uint64 v3 = v1;
+ int i;
+
+ v0 ^= 0x736f6d6570736575;
+ v1 ^= 0x646f72616e646f6d;
+ v2 ^= 0x6c7967656e657261;
+ v3 ^= 0x7465646279746573;
+
+ while (inlen >= 8) { /* floor(inlen/8) normal loops */
+ uint64 mi = *(uint64 *) in;
+ in += 8;
+ v3 ^= mi;
+ ROUND
+ ROUND
+ v0 ^= mi;
+ inlen -= 8;
+ }
+ /* now inlen <= 7; 1 extra loop; total loops: ceil((inlen+1)/8) */
+ for (i = 0;i < inlen;++i) i[(char *) &lastblock] = i[in];
+ v3 ^= lastblock;
+ ROUND
+ ROUND
+ v0 ^= lastblock;
+
+ v2 ^= 0xff;
+ ROUND
+ ROUND
+ ROUND
+ ROUND
+ *(uint64 *) out = (v0 ^ v1) ^ (v2 ^ v3);
+
+ return 0;
+}
@@ -0,0 +1,9 @@
+#include "crypto_auth.h"
+#include "crypto_verify_8.h"
+
+int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
+{
+ unsigned char correct[8];
+ crypto_auth(correct,in,inlen,k);
+ return crypto_verify_8(h,correct);
+}
@@ -6,6 +6,7 @@
#include "crypto_uint64.h"
#include "crypto_uint32.h"
#include "crypto_uint8.h"
+#include "crypto_verify_8.h"
typedef crypto_uint64 u64;
typedef crypto_uint32 u32;
@@ -97,23 +98,6 @@ int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long in
return 0;
}
-
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
-
-
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
u8 correct[8];
@@ -5,6 +5,7 @@
#include "crypto_uint64.h"
#include "crypto_uint32.h"
#include "crypto_uint8.h"
+#include "crypto_verify_8.h"
typedef crypto_uint64 u64;
typedef crypto_uint32 u32;
@@ -105,23 +106,6 @@ int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long in
return 0;
}
-
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
-
-
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
u8 correct[8];
@@ -5,6 +5,7 @@
#include "crypto_uint64.h"
#include "crypto_uint32.h"
#include "crypto_uint8.h"
+#include "crypto_verify_8.h"
typedef crypto_uint64 u64;
typedef crypto_uint32 u32;
@@ -92,22 +93,6 @@ int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long in
}
-static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
-{
- unsigned int differentbits = 0;
-#define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
-}
-
-
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
u8 correct[8];
Oops, something went wrong.

0 comments on commit 688fad7

Please sign in to comment.