Text file src/crypto/aes/asm_s390x.s

Documentation: crypto/aes

     1// Copyright 2016 The Go Authors. All rights reserved.
     2// Use of this source code is governed by a BSD-style
     3// license that can be found in the LICENSE file.
     4
     5#include "textflag.h"
     6
     7// func cryptBlocks(c code, key, dst, src *byte, length int)
     8TEXT ·cryptBlocks(SB),NOSPLIT,$0-40
     9	MOVD	key+8(FP), R1
    10	MOVD	dst+16(FP), R2
    11	MOVD	src+24(FP), R4
    12	MOVD	length+32(FP), R5
    13	MOVD	c+0(FP), R0
    14loop:
    15	WORD	$0xB92E0024 // cipher message (KM)
    16	BVS	loop        // branch back if interrupted
    17	XOR	R0, R0
    18	RET
    19
    20// func cryptBlocksChain(c code, iv, key, dst, src *byte, length int)
    21TEXT ·cryptBlocksChain(SB),NOSPLIT,$48-48
    22	LA	params-48(SP), R1
    23	MOVD	iv+8(FP), R8
    24	MOVD	key+16(FP), R9
    25	MVC	$16, 0(R8), 0(R1)  // move iv into params
    26	MVC	$32, 0(R9), 16(R1) // move key into params
    27	MOVD	dst+24(FP), R2
    28	MOVD	src+32(FP), R4
    29	MOVD	length+40(FP), R5
    30	MOVD	c+0(FP), R0
    31loop:
    32	WORD	$0xB92F0024       // cipher message with chaining (KMC)
    33	BVS	loop              // branch back if interrupted
    34	XOR	R0, R0
    35	MVC	$16, 0(R1), 0(R8) // update iv
    36	RET
    37
    38// func xorBytes(dst, a, b []byte) int
    39TEXT ·xorBytes(SB),NOSPLIT,$0-80
    40	MOVD	dst_base+0(FP), R1
    41	MOVD	a_base+24(FP), R2
    42	MOVD	b_base+48(FP), R3
    43	MOVD	a_len+32(FP), R4
    44	MOVD	b_len+56(FP), R5
    45	CMPBLE	R4, R5, skip
    46	MOVD	R5, R4
    47skip:
    48	MOVD	R4, ret+72(FP)
    49	MOVD	$0, R5
    50	CMPBLT	R4, $8, tail
    51loop:
    52	MOVD	0(R2)(R5*1), R7
    53	MOVD	0(R3)(R5*1), R8
    54	XOR	R7, R8
    55	MOVD	R8, 0(R1)(R5*1)
    56	LAY	8(R5), R5
    57	SUB	$8, R4
    58	CMPBGE	R4, $8, loop
    59tail:
    60	CMPBEQ	R4, $0, done
    61	MOVB	0(R2)(R5*1), R7
    62	MOVB	0(R3)(R5*1), R8
    63	XOR	R7, R8
    64	MOVB	R8, 0(R1)(R5*1)
    65	LAY	1(R5), R5
    66	SUB	$1, R4
    67	BR	tail
    68done:
    69	RET
    70
    71// func cryptBlocksGCM(fn code, key, dst, src, buf []byte, cnt *[16]byte)
    72TEXT ·cryptBlocksGCM(SB),NOSPLIT,$0-112
    73	MOVD	src_len+64(FP), R0
    74	MOVD	buf_base+80(FP), R1
    75	MOVD	cnt+104(FP), R12
    76	LMG	(R12), R2, R3
    77
    78	// Check that the src size is less than or equal to the buffer size.
    79	MOVD	buf_len+88(FP), R4
    80	CMP	R0, R4
    81	BGT	crash
    82
    83	// Check that the src size is a multiple of 16-bytes.
    84	MOVD	R0, R4
    85	AND	$0xf, R4
    86	BLT	crash // non-zero
    87
    88	// Check that the src size is less than or equal to the dst size.
    89	MOVD	dst_len+40(FP), R4
    90	CMP	R0, R4
    91	BGT	crash
    92
    93	MOVD	R2, R4
    94	MOVD	R2, R6
    95	MOVD	R2, R8
    96	MOVD	R3, R5
    97	MOVD	R3, R7
    98	MOVD	R3, R9
    99	ADDW	$1, R5
   100	ADDW	$2, R7
   101	ADDW	$3, R9
   102incr:
   103	CMP	R0, $64
   104	BLT	tail
   105	STMG	R2, R9, (R1)
   106	ADDW	$4, R3
   107	ADDW	$4, R5
   108	ADDW	$4, R7
   109	ADDW	$4, R9
   110	MOVD	$64(R1), R1
   111	SUB	$64, R0
   112	BR	incr
   113tail:
   114	CMP	R0, $0
   115	BEQ	crypt
   116	STMG	R2, R3, (R1)
   117	ADDW	$1, R3
   118	MOVD	$16(R1), R1
   119	SUB	$16, R0
   120	BR	tail
   121crypt:
   122	STMG	R2, R3, (R12)       // update next counter value
   123	MOVD	fn+0(FP), R0        // function code (encryption)
   124	MOVD	key_base+8(FP), R1  // key
   125	MOVD	buf_base+80(FP), R2 // counter values
   126	MOVD	dst_base+32(FP), R4 // dst
   127	MOVD	src_base+56(FP), R6 // src
   128	MOVD	src_len+64(FP), R7  // len
   129loop:
   130	WORD	$0xB92D2046         // cipher message with counter (KMCTR)
   131	BVS	loop                // branch back if interrupted
   132	RET
   133crash:
   134	MOVD	$0, (R0)
   135	RET
   136
   137// func ghash(key *gcmHashKey, hash *[16]byte, data []byte)
   138TEXT ·ghash(SB),NOSPLIT,$32-40
   139	MOVD    $65, R0 // GHASH function code
   140	MOVD	key+0(FP), R2
   141	LMG	(R2), R6, R7
   142	MOVD	hash+8(FP), R8
   143	LMG	(R8), R4, R5
   144	MOVD	$params-32(SP), R1
   145	STMG	R4, R7, (R1)
   146	LMG	data+16(FP), R2, R3 // R2=base, R3=len
   147loop:
   148	WORD    $0xB93E0002 // compute intermediate message digest (KIMD)
   149	BVS     loop        // branch back if interrupted
   150	MVC     $16, (R1), (R8)
   151	MOVD	$0, R0
   152	RET
   153
   154// func kmaGCM(fn code, key, dst, src, aad []byte, tag *[16]byte, cnt *gcmCount)
   155TEXT ·kmaGCM(SB),NOSPLIT,$112-120
   156	MOVD	fn+0(FP), R0
   157	MOVD	$params-112(SP), R1
   158
   159	// load ptr/len pairs
   160	LMG	dst+32(FP), R2, R3 // R2=base R3=len
   161	LMG	src+56(FP), R4, R5 // R4=base R5=len
   162	LMG	aad+80(FP), R6, R7 // R6=base R7=len
   163
   164	// setup parameters
   165	MOVD	cnt+112(FP), R8
   166	XC	$12, (R1), (R1)     // reserved
   167	MVC	$4, 12(R8), 12(R1)  // set chain value
   168	MVC	$16, (R8), 64(R1)   // set initial counter value
   169	XC	$32, 16(R1), 16(R1) // set hash subkey and tag
   170	SLD	$3, R7, R12
   171	MOVD	R12, 48(R1)         // set total AAD length
   172	SLD	$3, R5, R12
   173	MOVD	R12, 56(R1)         // set total plaintext/ciphertext length
   174
   175	LMG	key+8(FP), R8, R9   // R8=base R9=len
   176	MVC	$16, (R8), 80(R1)   // set key
   177	CMPBEQ	R9, $16, kma
   178	MVC	$8, 16(R8), 96(R1)
   179	CMPBEQ	R9, $24, kma
   180	MVC	$8, 24(R8), 104(R1)
   181
   182kma:
   183	WORD	$0xb9296024 // kma %r6,%r2,%r4
   184	BVS	kma
   185
   186	MOVD	tag+104(FP), R2
   187	MVC	$16, 16(R1), 0(R2) // copy tag to output
   188	MOVD	cnt+112(FP), R8
   189	MVC	$4, 12(R1), 12(R8) // update counter value
   190
   191	RET

View as plain text