diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-09-20 16:31:01 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-09-21 16:05:22 +0200 |
commit | 09247c03ab40754365a506a150531f4582826077 (patch) | |
tree | 44d6a1d4d9a5b94e7efcf4f5987e8b11a3b97d1d /src/crypto/include/zinc | |
parent | chacha20-mips32r2: remove reorder directives (diff) | |
download | wireguard-monolithic-historical-09247c03ab40754365a506a150531f4582826077.tar.xz wireguard-monolithic-historical-09247c03ab40754365a506a150531f4582826077.zip |
chacha20-arm: go with Ard's version to optimize for Cortex-A7
Diffstat (limited to 'src/crypto/include/zinc')
-rw-r--r-- | src/crypto/include/zinc/chacha20.h | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/crypto/include/zinc/chacha20.h b/src/crypto/include/zinc/chacha20.h index 455c431..276bdba 100644 --- a/src/crypto/include/zinc/chacha20.h +++ b/src/crypto/include/zinc/chacha20.h @@ -20,7 +20,16 @@ enum { HCHACHA20_NONCE_SIZE = 16 }; +enum { + /* expand 32-byte k */ + CHACHA20_CONSTANT_EXPA = 0x61707865U, + CHACHA20_CONSTANT_ND_3 = 0x3320646eU, + CHACHA20_CONSTANT_2_BY = 0x79622d32U, + CHACHA20_CONSTANT_TE_K = 0x6b206574U +}; + struct chacha20_ctx { + u32 constant[4]; u32 key[8]; u32 counter[4]; } __aligned(32); @@ -29,6 +38,10 @@ static inline void chacha20_init(struct chacha20_ctx *state, const u8 key[CHACHA20_KEY_SIZE], const u64 nonce) { + state->constant[0] = CHACHA20_CONSTANT_EXPA; + state->constant[1] = CHACHA20_CONSTANT_ND_3; + state->constant[2] = CHACHA20_CONSTANT_2_BY; + state->constant[3] = CHACHA20_CONSTANT_TE_K; state->key[0] = get_unaligned_le32(key + 0); state->key[1] = get_unaligned_le32(key + 4); state->key[2] = get_unaligned_le32(key + 8); |