path: root/src/crypto/chacha20poly1305.c
Commit message | Author | Age | Files | Lines
* chacha20poly1305: combine stack variables into union | Jason A. Donenfeld | 2018-05-31 | 1 | -54/+53
* chacha20poly1305: split up into separate files | Jason A. Donenfeld | 2018-05-31 | 1 | -611/+31
* chacha20poly1305: add mips32 implementation | René van Dorst | 2018-05-18 | 1 | -5/+12
    Signed-off-by: René van Dorst <opensource@vdorst.com>
* chacha20poly1305: make gcc 8.1 happy | Samuel Neves | 2018-05-13 | 1 | -2/+2
    GCC 8.1 does not know about the invariant `0 <= ctx->num < POLY1305_BLOCK_SIZE`. This results in a warning that `memcpy(ctx->data + num, inp, len);` may overflow the `data` field, which is correct for arbitrary values of `num`.
    To make the invariant explicit we ensure that `num` is in the required range. An alternative would be to change `ctx->num` to a 4-bit bitfield at the point of declaration.
    This changes the code from `test ebp, ebp; jz end` to `and ebp, 15; jz end`, which have identical performance characteristics.
    Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
* chacha20poly1305: put magic constant behind macro | Jason A. Donenfeld | 2018-04-05 | 1 | -2/+4
* crypto: read only after init | Jason A. Donenfeld | 2018-03-02 | 1 | -6/+6
* chacha20poly1305: better buffer alignment | Jason A. Donenfeld | 2018-01-30 | 1 | -9/+8
* chacha20poly1305: use existing rol32 function | Jason A. Donenfeld | 2018-01-30 | 1 | -9/+4
* poly1305: add poly-specific self-tests | Jason A. Donenfeld | 2018-01-19 | 1 | -0/+1
* poly1305: remove indirect calls | Samuel Neves | 2018-01-18 | 1 | -79/+96
    Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
* global: year bump | Jason A. Donenfeld | 2018-01-03 | 1 | -1/+1
* crypto: compile on UML | Jason A. Donenfeld | 2017-12-13 | 1 | -0/+2
    We basically just don't use FPU in UML.
* chacha20poly1305: wire up avx512vl for skylake-x | Jason A. Donenfeld | 2017-12-11 | 1 | -3/+16
* chacha20: avx512vl implementation | Samuel Neves | 2017-12-11 | 1 | -0/+1
    Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
* chacha20poly1305: cleaner generic code | Jason A. Donenfeld | 2017-12-11 | 1 | -90/+49
* global: add SPDX tags to all files | Greg Kroah-Hartman | 2017-12-09 | 1 | -29/+3
    It's good to have SPDX identifiers in all files as the Linux kernel developers are working to add these identifiers to all files.
    Update all files with the correct SPDX license identifier based on the license text of the project or based on the license in the file itself. The SPDX identifier is a legally binding shorthand, which can be used instead of the full boiler plate text.
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Modified-by: Jason A. Donenfeld <Jason@zx2c4.com>
* poly1305: update x86-64 kernel to AVX512F only | Samuel Neves | 2017-12-03 | 1 | -6/+1
    Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
* chacha20: directly assign constant and initial state | Jason A. Donenfeld | 2017-11-23 | 1 | -59/+20
* poly1305-avx512: requires AVX512F+VL+BW | Samuel Neves | 2017-11-22 | 1 | -1/+6
    Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
* chacha20poly1305: poly cleans up its own state | Jason A. Donenfeld | 2017-11-22 | 1 | -5/+1
* poly1305: import MIPS64 primitive from OpenSSL | Jason A. Donenfeld | 2017-11-22 | 1 | -8/+17
* chacha20poly1305: import ARM primitives from OpenSSL | Jason A. Donenfeld | 2017-11-22 | 1 | -45/+51
    ARMv4-ARMv8, with NEON for ARMv7 and ARMv8.
* chacha20poly1305: import x86_64 primitives from OpenSSL | Samuel Neves | 2017-11-22 | 1 | -305/+334
    x86_64 only at the moment. SSSE3, AVX, AVX2, AVX512.
    Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
* receive: hoist fpu outside of receive loop | Jason A. Donenfeld | 2017-11-10 | 1 | -5/+2
* global: style nits | Jason A. Donenfeld | 2017-10-31 | 1 | -5/+12
* crypto/avx: make sure we can actually use ymm registers | Jason A. Donenfeld | 2017-10-31 | 1 | -1/+1
* global: satisfy bitshift pedantry | Jason A. Donenfeld | 2017-10-03 | 1 | -7/+7
    Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
* main: annotate init/exit functions to save memory | Jason A. Donenfeld | 2017-06-24 | 1 | -2/+2
* chacha20poly1305: add NEON versions for ARM and ARM64 | Jason A. Donenfeld | 2017-05-30 | 1 | -3/+41
* chacha20poly1305: implement vectorized hchacha20 | Jason A. Donenfeld | 2017-05-17 | 1 | -21/+55
* chacha20poly1305: check return values of sgops | Jason A. Donenfeld | 2017-04-04 | 1 | -8/+16
* chacha20poly1305: enforce authtag checking with compiler | Jason A. Donenfeld | 2017-03-30 | 1 | -9/+4
* blake2s: add AVX implementation | Jason A. Donenfeld | 2017-03-19 | 1 | -2/+2
* Use __read_mostly attribute when possible | Jason A. Donenfeld | 2017-01-13 | 1 | -3/+3
* Update copyright | Jason A. Donenfeld | 2017-01-10 | 1 | -1/+1
* cookies: use xchacha20poly1305 instead of chacha20poly1305 | Jason A. Donenfeld | 2016-12-23 | 1 | -1/+109
    This allows us to precompute the blake2s calls and save cycles, since hchacha is fast.
* global: move to consistent use of uN instead of uintN_t for kernel code | Jason A. Donenfeld | 2016-12-11 | 1 | -30/+30
* headers: cleanup notices | Jason A. Donenfeld | 2016-11-21 | 1 | -1/+1
* chacha20poly1305: sse/ymm should be implicit [experimental-0.0.20161116.1] | Jason A. Donenfeld | 2016-11-16 | 1 | -1/+1
* chacha20poly1305: rely on avx and avx2 [experimental-0.0.20161116] | Jason A. Donenfeld | 2016-11-16 | 1 | -1/+1
    It turns out some FrankenVMs disable AVX but keep AVX2, causing issues. The crypto code now relies on having both AVX and AVX2 and the right features.
* chacha20poly1305: it's just as fast to use these more simple unaligned access helpers | Jason A. Donenfeld | 2016-11-07 | 1 | -36/+7
* chacha20poly1305: cleanup magic constants [experimental-0.0.20161105] | Jason A. Donenfeld | 2016-11-05 | 1 | -3/+2
* c89: the static keyword is okay in c99, but not in c89 | Jason A. Donenfeld | 2016-11-05 | 1 | -6/+6
* data: keep FPU on when possible | Jason A. Donenfeld | 2016-11-04 | 1 | -51/+11
* chacha20poly1305: src is different from dst on last piece [experimental-0.0.20161103] | Jason A. Donenfeld | 2016-11-03 | 1 | -1/+1
    This took hours of debugging. In some cases, the src and dst are different for the last piece, so the incorrect code here resulted in computing the poly1305 over the wrong data. This led to packets being unnecessarily dropped.
* Rework headers and includes | Jason A. Donenfeld | 2016-09-29 | 1 | -1/+1
* poly1305: optimize unaligned access | René van Dorst | 2016-09-29 | 1 | -0/+30
* selftest: move to subfolder | Jason A. Donenfeld | 2016-08-02 | 1 | -52/+1
* c: specify static array size in function params | Jason A. Donenfeld | 2016-08-02 | 1 | -6/+6
    The C standard states:
      A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to type'', where the type qualifiers (if any) are those specified within the [ and ] of the array type derivation. If the keyword static also appears within the [ and ] of the array type derivation, then for each call to the function, the value of the corresponding actual argument shall provide access to the first element of an array with at least as many elements as specified by the size expression.
    By changing void func(int array[4]) to void func(int array[static 4]), we automatically get the compiler checking argument sizes for us, which is quite nice.
* chacha20poly1305: use more standard way of testing FPU features | Jason A. Donenfeld | 2016-06-29 | 1 | -7/+2