[PATCH 4/4] rijndael: clean-up prepare_decryption function

Jussi Kivilinna jussi.kivilinna at iki.fi
Sun Sep 27 20:08:28 CEST 2020


* cipher/rijndael-internal.h (rijndael_prepare_decfn_t): New.
(RIJNDAEL_context_s): New member 'prepare_decryption'.
* cipher/rijndael-padlock.c (_gcry_aes_padlock_prepare_decryption): New.
* cipher/rijndael.c (_gcry_aes_padlock_prepare_decryption): New.
(do_setkey): Setup 'ctx->prepare_decryption' for each acceleration type.
(prepare_decryption): Remove calls to other prepare decryption functions.
(check_decryption_preparation): Call 'ctx->prepare_decryption' instead
of 'prepare_decryption'.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 cipher/rijndael-internal.h |   2 +
 cipher/rijndael-padlock.c  |   6 ++
 cipher/rijndael.c          | 135 ++++++++++++++-----------------------
 3 files changed, 59 insertions(+), 84 deletions(-)

diff --git a/cipher/rijndael-internal.h b/cipher/rijndael-internal.h
index bdd3bee1..92c47a9d 100644
--- a/cipher/rijndael-internal.h
+++ b/cipher/rijndael-internal.h
@@ -127,6 +127,7 @@ typedef unsigned int (*rijndael_cryptfn_t)(const struct RIJNDAEL_context_s *ctx,
                                            unsigned char *bx,
                                            const unsigned char *ax);
 typedef void (*rijndael_prefetchfn_t)(void);
+typedef void (*rijndael_prepare_decfn_t)(struct RIJNDAEL_context_s *ctx);
 
 /* Our context object.  */
 typedef struct RIJNDAEL_context_s
@@ -181,6 +182,7 @@ typedef struct RIJNDAEL_context_s
   rijndael_cryptfn_t decrypt_fn;
   rijndael_prefetchfn_t prefetch_enc_fn;
   rijndael_prefetchfn_t prefetch_dec_fn;
+  rijndael_prepare_decfn_t prepare_decryption;
 } RIJNDAEL_context ATTR_ALIGNED_16;
 
 /* Macros defining alias for the keyschedules.  */
diff --git a/cipher/rijndael-padlock.c b/cipher/rijndael-padlock.c
index 234751b9..3af214d7 100644
--- a/cipher/rijndael-padlock.c
+++ b/cipher/rijndael-padlock.c
@@ -101,4 +101,10 @@ _gcry_aes_padlock_decrypt (const RIJNDAEL_context *ctx,
   return do_padlock(ctx, bx, ax, 1);
 }
 
+void
+_gcry_aes_padlock_prepare_decryption (RIJNDAEL_context *ctx)
+{
+  /* Padlock does not need decryption subkeys. */
+  (void)ctx;
+}
 #endif /* USE_PADLOCK */
diff --git a/cipher/rijndael.c b/cipher/rijndael.c
index bf9c0050..60d16c68 100644
--- a/cipher/rijndael.c
+++ b/cipher/rijndael.c
@@ -143,6 +143,7 @@ extern unsigned int _gcry_aes_padlock_encrypt (const RIJNDAEL_context *ctx,
 extern unsigned int _gcry_aes_padlock_decrypt (const RIJNDAEL_context *ctx,
                                                unsigned char *bx,
                                                const unsigned char *ax);
+extern void _gcry_aes_padlock_prepare_decryption (RIJNDAEL_context *ctx);
 #endif
 
 #ifdef USE_ARM_ASM
@@ -314,6 +315,7 @@ static void _gcry_aes_xts_crypt (void *context, unsigned char *tweak,
 
 /* Function prototypes.  */
 static const char *selftest(void);
+static void prepare_decryption(RIJNDAEL_context *ctx);
 
 
 
@@ -465,6 +467,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = _gcry_aes_aesni_decrypt;
       ctx->prefetch_enc_fn = NULL;
       ctx->prefetch_dec_fn = NULL;
+      ctx->prepare_decryption = _gcry_aes_aesni_prepare_decryption;
       ctx->use_aesni = 1;
       ctx->use_avx = !!(hwfeatures & HWF_INTEL_AVX);
       ctx->use_avx2 = !!(hwfeatures & HWF_INTEL_AVX2);
@@ -487,6 +490,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = _gcry_aes_padlock_decrypt;
       ctx->prefetch_enc_fn = NULL;
       ctx->prefetch_dec_fn = NULL;
+      ctx->prepare_decryption = _gcry_aes_padlock_prepare_decryption;
       ctx->use_padlock = 1;
       memcpy (ctx->padlockkey, key, keylen);
     }
@@ -499,6 +503,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = _gcry_aes_ssse3_decrypt;
       ctx->prefetch_enc_fn = NULL;
       ctx->prefetch_dec_fn = NULL;
+      ctx->prepare_decryption = _gcry_aes_ssse3_prepare_decryption;
       ctx->use_ssse3 = 1;
 
       /* Setup SSSE3 bulk encryption routines.  */
@@ -519,6 +524,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = _gcry_aes_armv8_ce_decrypt;
       ctx->prefetch_enc_fn = NULL;
       ctx->prefetch_dec_fn = NULL;
+      ctx->prepare_decryption = _gcry_aes_armv8_ce_prepare_decryption;
       ctx->use_arm_ce = 1;
 
       /* Setup ARM-CE bulk encryption routines.  */
@@ -540,6 +546,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = _gcry_aes_ppc9le_decrypt;
       ctx->prefetch_enc_fn = NULL;
       ctx->prefetch_dec_fn = NULL;
+      ctx->prepare_decryption = _gcry_aes_ppc8_prepare_decryption;
       ctx->use_ppc_crypto = 1; /* same key-setup as USE_PPC_CRYPTO */
       ctx->use_ppc9le_crypto = 1;
 
@@ -562,6 +569,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = _gcry_aes_ppc8_decrypt;
       ctx->prefetch_enc_fn = NULL;
       ctx->prefetch_dec_fn = NULL;
+      ctx->prepare_decryption = _gcry_aes_ppc8_prepare_decryption;
       ctx->use_ppc_crypto = 1;
 
       /* Setup PPC8 bulk encryption routines.  */
@@ -581,6 +589,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen,
       ctx->decrypt_fn = do_decrypt;
       ctx->prefetch_enc_fn = prefetch_enc;
       ctx->prefetch_dec_fn = prefetch_dec;
+      ctx->prepare_decryption = prepare_decryption;
     }
 
   /* NB: We don't yet support Padlock hardware key generation.  */
@@ -705,94 +714,52 @@ rijndael_setkey (void *context, const byte *key, const unsigned keylen,
 static void
 prepare_decryption( RIJNDAEL_context *ctx )
 {
+  const byte *sbox = ((const byte *)encT) + 1;
   int r;
 
-  if (0)
-    ;
-#ifdef USE_AESNI
-  else if (ctx->use_aesni)
-    {
-      _gcry_aes_aesni_prepare_decryption (ctx);
-    }
-#endif /*USE_AESNI*/
-#ifdef USE_SSSE3
-  else if (ctx->use_ssse3)
-    {
-      _gcry_aes_ssse3_prepare_decryption (ctx);
-    }
-#endif /*USE_SSSE3*/
-#ifdef USE_ARM_CE
-  else if (ctx->use_arm_ce)
-    {
-      _gcry_aes_armv8_ce_prepare_decryption (ctx);
-    }
-#endif /*USE_ARM_CE*/
-#ifdef USE_ARM_CE
-  else if (ctx->use_arm_ce)
-    {
-      _gcry_aes_armv8_ce_prepare_decryption (ctx);
-    }
-#endif /*USE_ARM_CE*/
-#ifdef USE_PPC_CRYPTO
-  else if (ctx->use_ppc_crypto)
-    {
-      _gcry_aes_ppc8_prepare_decryption (ctx);
-    }
-#endif
-#ifdef USE_PADLOCK
-  else if (ctx->use_padlock)
-    {
-      /* Padlock does not need decryption subkeys. */
-    }
-#endif /*USE_PADLOCK*/
-  else
-    {
-      const byte *sbox = ((const byte *)encT) + 1;
+  prefetch_enc();
+  prefetch_dec();
 
-      prefetch_enc();
-      prefetch_dec();
-
-      ctx->keyschdec32[0][0] = ctx->keyschenc32[0][0];
-      ctx->keyschdec32[0][1] = ctx->keyschenc32[0][1];
-      ctx->keyschdec32[0][2] = ctx->keyschenc32[0][2];
-      ctx->keyschdec32[0][3] = ctx->keyschenc32[0][3];
+  ctx->keyschdec32[0][0] = ctx->keyschenc32[0][0];
+  ctx->keyschdec32[0][1] = ctx->keyschenc32[0][1];
+  ctx->keyschdec32[0][2] = ctx->keyschenc32[0][2];
+  ctx->keyschdec32[0][3] = ctx->keyschenc32[0][3];
 
-      for (r = 1; r < ctx->rounds; r++)
-        {
-          u32 *wi = ctx->keyschenc32[r];
-          u32 *wo = ctx->keyschdec32[r];
-          u32 wt;
-
-          wt = wi[0];
-          wo[0] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
-                 ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
-                 ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
-                 ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
-
-          wt = wi[1];
-          wo[1] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
-                 ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
-                 ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
-                 ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
-
-          wt = wi[2];
-          wo[2] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
-                 ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
-                 ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
-                 ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
-
-          wt = wi[3];
-          wo[3] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
-                 ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
-                 ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
-                 ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
-        }
-
-      ctx->keyschdec32[r][0] = ctx->keyschenc32[r][0];
-      ctx->keyschdec32[r][1] = ctx->keyschenc32[r][1];
-      ctx->keyschdec32[r][2] = ctx->keyschenc32[r][2];
-      ctx->keyschdec32[r][3] = ctx->keyschenc32[r][3];
+  for (r = 1; r < ctx->rounds; r++)
+    {
+      u32 *wi = ctx->keyschenc32[r];
+      u32 *wo = ctx->keyschdec32[r];
+      u32 wt;
+
+      wt = wi[0];
+      wo[0] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
+	      ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
+	      ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
+	      ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
+
+      wt = wi[1];
+      wo[1] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
+	      ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
+	      ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
+	      ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
+
+      wt = wi[2];
+      wo[2] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
+	      ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
+	      ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
+	      ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
+
+      wt = wi[3];
+      wo[3] = rol(decT[sbox[(byte)(wt >> 0) * 4]], 8 * 0)
+	      ^ rol(decT[sbox[(byte)(wt >> 8) * 4]], 8 * 1)
+	      ^ rol(decT[sbox[(byte)(wt >> 16) * 4]], 8 * 2)
+	      ^ rol(decT[sbox[(byte)(wt >> 24) * 4]], 8 * 3);
     }
+
+  ctx->keyschdec32[r][0] = ctx->keyschenc32[r][0];
+  ctx->keyschdec32[r][1] = ctx->keyschenc32[r][1];
+  ctx->keyschdec32[r][2] = ctx->keyschenc32[r][2];
+  ctx->keyschdec32[r][3] = ctx->keyschenc32[r][3];
 }
 
 
@@ -1232,7 +1199,7 @@ check_decryption_preparation (RIJNDAEL_context *ctx)
 {
   if ( !ctx->decryption_prepared )
     {
-      prepare_decryption ( ctx );
+      ctx->prepare_decryption ( ctx );
       ctx->decryption_prepared = 1;
     }
 }
-- 
2.25.1




More information about the Gcrypt-devel mailing list