Dr. Stephen Henson
f4001a0d19
Link GCM into FIPS module. Check return value in EVP gcm.
2011-02-08 15:10:42 +00:00
Andy Polyakov
1f2502eb58
gcm128.c: add boundary condition checks.
2011-02-07 19:11:13 +00:00
Dr. Stephen Henson
fd3dbc1dbf
Add CRYPTO_gcm128_tag() function to retrieve the tag.
2011-02-07 18:05:27 +00:00
Andy Polyakov
b68c13154e
gcm128.c: allow multiple calls to CRYPTO_gcm128_aad.
2011-02-06 23:50:05 +00:00
Andy Polyakov
68e2586bd3
gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt.
...
PR: 2432
Submitted by: Michael Heyman
2011-02-06 23:48:32 +00:00
Bodo Möller
9d0397e977
make update
2011-02-03 10:17:53 +00:00
Dr. Stephen Henson
df6de39fe7
Change AR to ARX to allow exclusion of fips object modules
2011-01-26 16:08:08 +00:00
Andy Polyakov
e822c756b6
s390x assembler pack: adapt for -m31 build, see commentary in Configure
...
for more details.
2010-11-29 20:52:43 +00:00
Andy Polyakov
8986e37249
ghash-s390x.pl: reschedule instructions for better performance.
2010-09-21 11:37:00 +00:00
Andy Polyakov
f8927c89d0
Alpha assembler pack: adapt for Linux.
...
PR: 2335
2010-09-13 13:28:52 +00:00
Andy Polyakov
7d1f55e9d9
Add ghash-s390x.pl.
2010-09-10 14:50:17 +00:00
Andy Polyakov
d52d5ad147
modes/asm/ghash-*.pl: switch to [more reproducible] performance results
...
collected with 'apps/openssl speed ghash'.
2010-09-05 19:52:14 +00:00
Andy Polyakov
a3b0c44b1b
ghash-ia64.pl: 50% performance improvement of gcm_ghash_4bit.
2010-09-05 19:49:54 +00:00
Andy Polyakov
836ea45350
gcm128.c: fix typo in CRYPTO_gcm128_encrypt_ctr32 name.
2010-08-23 14:32:20 +00:00
Andy Polyakov
3fdd168ffc
crypto/modes/Makefile: fix typo in ghash-parisc.s rule.
2010-08-21 11:20:25 +00:00
Andy Polyakov
f71c6aceeb
gcm128.c: add CRYPTO_gcm128_[en|de]crypt_ctr32.
2010-08-02 21:39:51 +00:00
Ben Laurie
a7a6aade9d
Missing prototype.
2010-07-27 16:34:29 +00:00
Andy Polyakov
85e28dfa6f
ghash-ia64.pl: excuse myself from implementing "528B" variant.
2010-07-26 21:54:21 +00:00
Andy Polyakov
6559b40df0
modes/Makefile: update clean rule.
2010-07-26 21:53:01 +00:00
Andy Polyakov
133a7f9a50
perlasm/x86asm.pl: move aesni and pclmulqdq opcodes to aesni-x86.pl and
...
ghash-x86.pl.
2010-07-26 21:42:07 +00:00
Dr. Stephen Henson
aa763c0f6d
WIN32 build fix.
2010-07-26 13:17:17 +00:00
Andy Polyakov
2d22e08083
ARM assembler pack: reschedule instructions for dual-issue pipeline.
...
Modest improvement coefficients mean that code already had some
parallelism and there was not very much room for improvement. Special
thanks to Ted Krovetz for benchmarking the code with such patience.
2010-07-13 14:03:31 +00:00
Andy Polyakov
6acb4ff389
gcm128.c: API modification and readability improvements,
...
add ghash benchmark to apps/speed.c.
2010-07-09 14:10:51 +00:00
Andy Polyakov
396df7311e
crypto/*/Makefile: unify "catch-all" assembler make rules and harmonize
...
ARM assembler modules.
2010-07-08 15:03:42 +00:00
Andy Polyakov
acbcc271b1
ghash-armv4.pl: excuse myself from implementing "528B" flavour.
2010-07-02 08:14:12 +00:00
Andy Polyakov
b28750877c
ghash-sparcv9.pl: fix Makefile rule and add performance data for T1.
2010-07-02 08:09:30 +00:00
Andy Polyakov
c32fcca6f4
SPARCv9 assembler pack: refine CPU detection on Linux, fix for "unaligned
...
opcodes detected in executable segment" error.
2010-07-01 07:34:56 +00:00
Andy Polyakov
d364506a24
ghash-x86_64.pl: "528B" variant delivers further >30% improvement.
2010-06-09 15:05:59 +00:00
Andy Polyakov
04e2b793d6
ghash-x86.pl: commentary updates.
2010-06-09 15:05:14 +00:00
Andy Polyakov
8525950e7e
ghash-x86.pl: "528B" variant of gcm_ghash_4bit_mmx gives 20-40%
...
improvement.
2010-06-04 13:21:01 +00:00
Andy Polyakov
e747f4d418
gcm128.c: P.-M. Hager has tipped about possibility to fold reductions
...
in gcm_ghash_4bit. Taking the idea a step further I've added extra
256+16 bytes of per-key storage, so that one can speak about 3rd variant
in addition to "256B" and "4KB": "528B" one. Commonly it should be
~50% faster than "256B" implementation or ~25% slower than "4KB" one.
2010-05-26 21:36:36 +00:00
Andy Polyakov
07e29c1234
ghash-x86.pl: MMX optimization (+20-40%) and commentary update.
2010-05-23 12:37:01 +00:00
Andy Polyakov
fb2d5a91e9
gcm128.c: commentary update.
2010-05-23 12:35:41 +00:00
Andy Polyakov
1aa8a6297c
ghash-x86[_64].pl: add due credit.
2010-05-13 17:21:52 +00:00
Andy Polyakov
c1f092d14e
GCM "jumbo" update:
...
- gcm128.c: support for Intel PCLMULQDQ, readability improvements;
- asm/ghash-x86.pl: splitted vanilla, MMX, PCLMULQDQ subroutines;
- asm/ghash-x86_64.pl: add PCLMULQDQ implementations.
2010-05-13 15:32:43 +00:00
Andy Polyakov
f472ec8c2f
"Jumbo" update for crypto/modes:
...
- introduce common modes_lcl.h;
- ctr128.c: implement additional CRYPTO_ctr128_encrypt_ctr32 interface;
- gcm128.c: add omitted ARM initialization, remove ctx.ctr;
2010-05-04 19:23:02 +00:00
Andy Polyakov
8a682556b4
Add ghash-armv4.pl.
2010-05-03 18:23:29 +00:00
Ben Laurie
19f7e5e24a
Missing declarations, no assembler in PEDANTIC.
2010-05-01 14:41:25 +00:00
Andy Polyakov
5e19ee96f6
Add ghash-parisc.pl.
2010-04-28 18:51:45 +00:00
Andy Polyakov
8a1c92ce49
Take gcm128.c and ghash assembler modules into the build loop.
2010-04-22 21:36:26 +00:00
Andy Polyakov
4f39edbff1
gcm128.c and assembler modules: change argument order for gcm_ghash_4bit.
...
ghash-x86*.pl: fix performance numbers for Core2, as it turned out
previous ones were "tainted" by variable clock frequency.
2010-04-14 19:04:51 +00:00
Andy Polyakov
6a1823b371
[co]fb128.c: fix "n=0" bug.
2010-04-14 07:47:28 +00:00
Andy Polyakov
a595baff9f
gcm128.c: commentary and formatting updates.
2010-04-10 14:02:26 +00:00
Andy Polyakov
67a315b60b
cts128.c: add support for NIST "Ciphertext Stealing" proposal.
2010-04-10 14:01:02 +00:00
Andy Polyakov
f62df694ad
ctr129.c: fix typo, simplify ctr128_inc and fix "n=0" bug.
2010-04-10 13:46:53 +00:00
Andy Polyakov
42feba4797
Add ghash-alpha.pl assembler module.
2010-04-10 13:44:20 +00:00
Andy Polyakov
c3473126b1
GHASH assembler: new ghash-sparcv9.pl module and saner descriptions.
2010-03-22 17:24:18 +00:00
Andy Polyakov
480cd6ab6e
ghash-ia64.pl: new file, GHASH for Itanium.
...
ghash-x86_64.pl: minimize stack frame usage.
ghash-x86.pl: modulo-scheduling MMX loop in respect to input vector
results in up to 10% performance improvement.
2010-03-15 19:07:52 +00:00
Andy Polyakov
f093794e55
Add GHASH x86_64 assembler.
2010-03-11 16:19:46 +00:00
Andy Polyakov
e3a510f8a6
Add GHASH x86 assembler.
2010-03-09 23:03:33 +00:00
Andy Polyakov
2262beef2e
gcm128.c: add option for streamed GHASH, simple benchmark, minor naming
...
change.
2010-03-08 22:44:37 +00:00
Andy Polyakov
e7f5b1cd42
Initial version of Galois Counter Mode implementation. Interface is still
...
subject to change...
2010-03-02 16:33:25 +00:00
Dr. Stephen Henson
918a5d04e4
PR: 2164
...
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>
Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
2010-02-15 19:00:12 +00:00
Andy Polyakov
5cabcf96e7
Fix "possible loss of data" Win64 compiler warnings.
2008-12-29 12:35:49 +00:00
Dr. Stephen Henson
2d1cbc85c8
Add standard .cvsignore file.
2008-12-29 00:27:06 +00:00
Andy Polyakov
fe150ac25d
Add modes/cts128.c, Ciphertext Stealing implementation.
2008-12-27 13:40:45 +00:00
Andy Polyakov
63fc7f848d
crypto/modes: make modes.h selfsufficient and rename block_f to block128_t.
2008-12-23 11:18:45 +00:00
Andy Polyakov
85b2c0ce7f
128-bit block cipher modes consolidation. As consolidated functions
...
rely on indirect call to block functions, they are not as fast as
non-consolidated routines. However, performance loss(*) is within
measurement error and consolidation advantages are considered to
outweigh it.
(*) actually one can observe performance *improvement* on e.g.
CBC benchmarks thanks to optimization, which also becomes
shared among ciphers.
2008-12-16 08:39:21 +00:00