Initial upload v3.4.7

algo/echo/aes_ni/vperm.h

@@ -0,0 +1,119 @@
+/*
+ * file        : vperm.h
+ * version     : 1.0.208
+ * date        : 14.12.2010
+ * 
+ * vperm implementation of AES s-box 
+ *
+ * Credits: Adapted from Mike Hamburg's AES implementation, http://crypto.stanford.edu/vpaes/
+ *
+ * Cagdas Calik
+ * ccalik@metu.edu.tr
+ * Institute of Applied Mathematics, Middle East Technical University, Turkey.
+ *
+ */
+
+#ifndef VPERM_H
+#define VPERM_H
+
+#include "algo/sha3/sha3_common.h"
+#include <tmmintrin.h>
+
+/*
+extern const unsigned int _k_s0F[];
+extern const unsigned int _k_ipt[];
+extern const unsigned int _k_opt[];
+extern const unsigned int _k_inv[];
+extern const unsigned int _k_sb1[];
+extern const unsigned int _k_sb2[];
+extern const unsigned int _k_sb3[];
+extern const unsigned int _k_sb4[];
+extern const unsigned int _k_sb5[];
+extern const unsigned int _k_sb7[];
+extern const unsigned int _k_sbo[];
+extern const unsigned int _k_h63[];
+extern const unsigned int _k_hc6[];
+extern const unsigned int _k_h5b[];
+extern const unsigned int _k_h4e[];
+extern const unsigned int _k_h0e[];
+extern const unsigned int _k_h15[];
+extern const unsigned int _k_aesmix1[];
+extern const unsigned int _k_aesmix2[];
+extern const unsigned int _k_aesmix3[];
+extern const unsigned int _k_aesmix4[];
+*/
+
+// input: x, table
+// output: x
+#define TRANSFORM(x, table, t1, t2)\
+	t1 = _mm_andnot_si128(M128(_k_s0F), x);\
+	t1 = _mm_srli_epi32(t1, 4);\
+	x  = _mm_and_si128(x, M128(_k_s0F));\
+	t1 = _mm_shuffle_epi8(*((__m128i*)table + 1), t1);\
+	x  = _mm_shuffle_epi8(*((__m128i*)table + 0), x);\
+	x  = _mm_xor_si128(x, t1)
+
+// compiled erroneously with 32-bit msc compiler
+	//t2 = _mm_shuffle_epi8(table[0], x);\
+	//x  = _mm_shuffle_epi8(table[1], t1);\
+	//x  = _mm_xor_si128(x, t2)
+
+
+// input: x
+// output: t2, t3
+#define SUBSTITUTE_VPERM_CORE(x, t1, t2, t3, t4)\
+	t1 = _mm_andnot_si128(M128(_k_s0F), x);\
+	t1 = _mm_srli_epi32(t1, 4);\
+	x  = _mm_and_si128(x, M128(_k_s0F));\
+	t2 = _mm_shuffle_epi8(*((__m128i*)_k_inv + 1), x);\
+	x  = _mm_xor_si128(x, t1);\
+	t3 = _mm_shuffle_epi8(*((__m128i*)_k_inv + 0), t1);\
+	t3 = _mm_xor_si128(t3, t2);\
+	t4 = _mm_shuffle_epi8(*((__m128i*)_k_inv + 0), x);\
+	t4 = _mm_xor_si128(t4, t2);\
+	t2 = _mm_shuffle_epi8(*((__m128i*)_k_inv + 0), t3);\
+	t2 = _mm_xor_si128(t2, x);\
+	t3 = _mm_shuffle_epi8(*((__m128i*)_k_inv + 0), t4);\
+	t3 = _mm_xor_si128(t3, t1);\
+
+
+// input: x1, x2, table
+// output: y
+#define VPERM_LOOKUP(x1, x2, table, y, t)\
+	t = _mm_shuffle_epi8(*((__m128i*)table + 0), x1);\
+	y = _mm_shuffle_epi8(*((__m128i*)table + 1), x2);\
+	y = _mm_xor_si128(y, t)
+
+
+// input: x
+// output: x
+#define SUBSTITUTE_VPERM(x, t1, t2, t3, t4)  \
+	TRANSFORM(x, _k_ipt, t1, t2);\
+	SUBSTITUTE_VPERM_CORE(x, t1, t2, t3, t4);\
+	VPERM_LOOKUP(t2, t3, _k_sbo, x, t1);\
+	x = _mm_xor_si128(x, M128(_k_h63))
+
+
+// input: x
+// output: x
+#define AES_ROUND_VPERM_CORE(x, t1, t2, t3, t4, s1, s2, s3) \
+	SUBSTITUTE_VPERM_CORE(x, t1, t2, t3, t4);\
+	VPERM_LOOKUP(t2, t3, _k_sb1, s1, t1);\
+	VPERM_LOOKUP(t2, t3, _k_sb2, s2, t1);\
+	s3 = _mm_xor_si128(s1, s2);\
+	x = _mm_shuffle_epi8(s2, M128(_k_aesmix1));\
+	x = _mm_xor_si128(x, _mm_shuffle_epi8(s3, M128(_k_aesmix2)));\
+	x = _mm_xor_si128(x, _mm_shuffle_epi8(s1, M128(_k_aesmix3)));\
+	x = _mm_xor_si128(x, _mm_shuffle_epi8(s1, M128(_k_aesmix4)));\
+	x = _mm_xor_si128(x, M128(_k_h5b))
+
+
+// input: x
+// output: x
+#define AES_ROUND_VPERM(x, t1, t2, t3, t4, s1, s2, s3) \
+	TRANSFORM(x, _k_ipt, t1, t2);\
+	AES_ROUND_VPERM_CORE(x, t1, t2, t3, t4, s1, s2, s3);\
+	TRANSFORM(x, _k_opt, t1, t2)
+
+#endif // VPERM_H
+