Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Neon impl of ChaCha20 (better size & perf) #9701

Closed
wants to merge 17 commits into from
Closed

Neon impl of ChaCha20 (better size & perf) #9701

Changes from 1 commit
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
a31fc68
Minor size improvements
daverodgman Oct 11, 2024
2cd29ee
Small code-size improvement
daverodgman Oct 15, 2024
8c29c34
Simple Neon implementation
daverodgman Oct 13, 2024
59453af
Move xor into Neon implementation
daverodgman Oct 13, 2024
b0a9055
Introduce chacha20_neon_inc_counter
daverodgman Oct 13, 2024
05f9e32
Tidy up Neon state into a struct
daverodgman Oct 13, 2024
864fed7
Refactor to prepare for multiblock
daverodgman Oct 13, 2024
7938104
Add multiblock support
daverodgman Oct 15, 2024
f9c9268
Code size improvement
daverodgman Oct 15, 2024
50292e8
add Changelog entry
daverodgman Oct 11, 2024
a8e9a88
Test all ChaCha20 Neon scalar and multiblock variations
daverodgman Oct 15, 2024
cd36f25
Fix changelog
daverodgman Oct 16, 2024
c55b159
Fix ABI break
daverodgman Oct 16, 2024
512f2e5
Fix ABI break (revert to original behaviour)
daverodgman Oct 16, 2024
6f632fc
Size: improve counter increment operation
daverodgman Oct 17, 2024
405cbc7
Add MBEDTLS_ARCH_IS_THUMB
daverodgman Oct 23, 2024
a8c28e5
Adjust defaults for Thumb to keep size down
daverodgman Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix ABI break 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
  • Loading branch information
@daverodgman
daverodgman committed Oct 16, 2024
commit c55b1593f5def33caa5d56701fc5e16c3e642de9
6 changes: 3 additions & 3 deletions tf-psa-crypto/drivers/builtin/include/mbedtls/chacha20.h
View file
Original file line number Diff line number Diff line change
@@ -34,9 +34,9 @@ extern "C" {
#endif

typedef struct mbedtls_chacha20_context {
uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */
uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */
size_t MBEDTLS_PRIVATE(keystream_bytes_remaining); /*! Number of not-used keystream bytes */
uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */
uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */
size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */
}
mbedtls_chacha20_context;

13 changes: 6 additions & 7 deletions tf-psa-crypto/drivers/builtin/src/chacha20.c
View file
Original file line number Diff line number Diff line change
@@ -418,7 +418,7 @@ int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
}

/* Initially, there's no keystream bytes available */
ctx->keystream_bytes_remaining = 0U;
ctx->keystream_bytes_used = 0U;

return 0;
}
@@ -431,12 +431,11 @@ int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
size_t offset = 0U;

/* Use leftover keystream bytes, if available */
while (size > 0U && ctx->keystream_bytes_remaining > 0U) {
output[offset] = input[offset]
^ ctx->keystream8[CHACHA20_BLOCK_SIZE_BYTES -
ctx->keystream_bytes_remaining];
while (size > 0U && ctx->keystream_bytes_used > 0U &&
ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) {
output[offset] = input[offset] ^ ctx->keystream8[ctx->keystream_bytes_used];

ctx->keystream_bytes_remaining--;
ctx->keystream_bytes_used = (ctx->keystream_bytes_used + 1) % CHACHA20_BLOCK_SIZE_BYTES;
offset++;
size--;
}
@@ -466,7 +465,7 @@ int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,

mbedtls_xor_no_simd(output + offset, input + offset, ctx->keystream8, size);

ctx->keystream_bytes_remaining = CHACHA20_BLOCK_SIZE_BYTES - size;
ctx->keystream_bytes_used = size;
}

/* Capture state */