Re: [PATCH v2 05/38] crypto/aes: Add constants for ShiftRows, InvShiftRows

2023-06-29 Thread Richard Henderson 

On 6/29/23 12:21, Ard Biesheuvel wrote:

+/* AES ShiftRows, for complete unrolling. */
+enum {
+AES_SH_0 = 0x0,
+AES_SH_1 = 0x5,
+AES_SH_2 = 0xa,
+AES_SH_3 = 0xf,
+AES_SH_4 = 0x4,
+AES_SH_5 = 0x9,
+AES_SH_6 = 0xe,
+AES_SH_7 = 0x3,
+AES_SH_8 = 0x8,
+AES_SH_9 = 0xd,
+AES_SH_A = 0x2,
+AES_SH_B = 0x7,
+AES_SH_C = 0xc,
+AES_SH_D = 0x1,
+AES_SH_E = 0x6,
+AES_SH_F = 0xb,
+};
+


We might simplify this further by doing

#define AES_SH(n)  (((n) * 5) % 16)
#define AES_ISH(n)  (((n) * 13) % 16)


Thanks.  I should have noticed, but

  s'_{r,c} = s_{r,(c+r)%4}

didn't make an impression and I assumed the table was non-regular.


r~

Re: [PATCH v2 05/38] crypto/aes: Add constants for ShiftRows, InvShiftRows

2023-06-29 Thread Ard Biesheuvel 
On Fri, 9 Jun 2023 at 04:24, Richard Henderson
 wrote:
>
> These symbols will avoid the indirection through memory
> when fully unrolling some new primitives.
>
> Reviewed-by: Philippe Mathieu-Daudé 
> Signed-off-by: Richard Henderson 
> ---
>  crypto/aes.c | 50 --
>  1 file changed, 48 insertions(+), 2 deletions(-)
>
> diff --git a/crypto/aes.c b/crypto/aes.c
> index 67bb74b8e3..cdf937883d 100644
> --- a/crypto/aes.c
> +++ b/crypto/aes.c
> @@ -108,12 +108,58 @@ const uint8_t AES_isbox[256] = {
>  0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D,
>  };
>
> +/* AES ShiftRows, for complete unrolling. */
> +enum {
> +AES_SH_0 = 0x0,
> +AES_SH_1 = 0x5,
> +AES_SH_2 = 0xa,
> +AES_SH_3 = 0xf,
> +AES_SH_4 = 0x4,
> +AES_SH_5 = 0x9,
> +AES_SH_6 = 0xe,
> +AES_SH_7 = 0x3,
> +AES_SH_8 = 0x8,
> +AES_SH_9 = 0xd,
> +AES_SH_A = 0x2,
> +AES_SH_B = 0x7,
> +AES_SH_C = 0xc,
> +AES_SH_D = 0x1,
> +AES_SH_E = 0x6,
> +AES_SH_F = 0xb,
> +};
> +

We might simplify this further by doing

#define AES_SH(n)  (((n) * 5) % 16)
#define AES_ISH(n)  (((n) * 13) % 16)

>  const uint8_t AES_shifts[16] = {
> -0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11
> +AES_SH_0, AES_SH_1, AES_SH_2, AES_SH_3,
> +AES_SH_4, AES_SH_5, AES_SH_6, AES_SH_7,
> +AES_SH_8, AES_SH_9, AES_SH_A, AES_SH_B,
> +AES_SH_C, AES_SH_D, AES_SH_E, AES_SH_F,
> +};
> +
> +/* AES InvShiftRows, for complete unrolling. */
> +enum {
> +AES_ISH_0 = 0x0,
> +AES_ISH_1 = 0xd,
> +AES_ISH_2 = 0xa,
> +AES_ISH_3 = 0x7,
> +AES_ISH_4 = 0x4,
> +AES_ISH_5 = 0x1,
> +AES_ISH_6 = 0xe,
> +AES_ISH_7 = 0xb,
> +AES_ISH_8 = 0x8,
> +AES_ISH_9 = 0x5,
> +AES_ISH_A = 0x2,
> +AES_ISH_B = 0xf,
> +AES_ISH_C = 0xc,
> +AES_ISH_D = 0x9,
> +AES_ISH_E = 0x6,
> +AES_ISH_F = 0x3,
>  };
>
>  const uint8_t AES_ishifts[16] = {
> -0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3
> +AES_ISH_0, AES_ISH_1, AES_ISH_2, AES_ISH_3,
> +AES_ISH_4, AES_ISH_5, AES_ISH_6, AES_ISH_7,
> +AES_ISH_8, AES_ISH_9, AES_ISH_A, AES_ISH_B,
> +AES_ISH_C, AES_ISH_D, AES_ISH_E, AES_ISH_F,
>  };
>
>  /*
> --
> 2.34.1
>

Re: [PATCH v2 05/38] crypto/aes: Add constants for ShiftRows, InvShiftRows

2023-06-19 Thread Daniel P . Berrangé 
On Thu, Jun 08, 2023 at 07:23:28PM -0700, Richard Henderson wrote:
> These symbols will avoid the indirection through memory
> when fully unrolling some new primitives.
> 
> Reviewed-by: Philippe Mathieu-Daudé 
> Signed-off-by: Richard Henderson 
> ---
>  crypto/aes.c | 50 --
>  1 file changed, 48 insertions(+), 2 deletions(-)

Acked-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

[PATCH v2 05/38] crypto/aes: Add constants for ShiftRows, InvShiftRows

2023-06-08 Thread Richard Henderson 
These symbols will avoid the indirection through memory
when fully unrolling some new primitives.

Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 crypto/aes.c | 50 --
 1 file changed, 48 insertions(+), 2 deletions(-)

diff --git a/crypto/aes.c b/crypto/aes.c
index 67bb74b8e3..cdf937883d 100644
--- a/crypto/aes.c
+++ b/crypto/aes.c
@@ -108,12 +108,58 @@ const uint8_t AES_isbox[256] = {
 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D,
 };
 
+/* AES ShiftRows, for complete unrolling. */
+enum {
+AES_SH_0 = 0x0,
+AES_SH_1 = 0x5,
+AES_SH_2 = 0xa,
+AES_SH_3 = 0xf,
+AES_SH_4 = 0x4,
+AES_SH_5 = 0x9,
+AES_SH_6 = 0xe,
+AES_SH_7 = 0x3,
+AES_SH_8 = 0x8,
+AES_SH_9 = 0xd,
+AES_SH_A = 0x2,
+AES_SH_B = 0x7,
+AES_SH_C = 0xc,
+AES_SH_D = 0x1,
+AES_SH_E = 0x6,
+AES_SH_F = 0xb,
+};
+
 const uint8_t AES_shifts[16] = {
-0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11
+AES_SH_0, AES_SH_1, AES_SH_2, AES_SH_3,
+AES_SH_4, AES_SH_5, AES_SH_6, AES_SH_7,
+AES_SH_8, AES_SH_9, AES_SH_A, AES_SH_B,
+AES_SH_C, AES_SH_D, AES_SH_E, AES_SH_F,
+};
+
+/* AES InvShiftRows, for complete unrolling. */
+enum {
+AES_ISH_0 = 0x0,
+AES_ISH_1 = 0xd,
+AES_ISH_2 = 0xa,
+AES_ISH_3 = 0x7,
+AES_ISH_4 = 0x4,
+AES_ISH_5 = 0x1,
+AES_ISH_6 = 0xe,
+AES_ISH_7 = 0xb,
+AES_ISH_8 = 0x8,
+AES_ISH_9 = 0x5,
+AES_ISH_A = 0x2,
+AES_ISH_B = 0xf,
+AES_ISH_C = 0xc,
+AES_ISH_D = 0x9,
+AES_ISH_E = 0x6,
+AES_ISH_F = 0x3,
 };
 
 const uint8_t AES_ishifts[16] = {
-0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3
+AES_ISH_0, AES_ISH_1, AES_ISH_2, AES_ISH_3,
+AES_ISH_4, AES_ISH_5, AES_ISH_6, AES_ISH_7,
+AES_ISH_8, AES_ISH_9, AES_ISH_A, AES_ISH_B,
+AES_ISH_C, AES_ISH_D, AES_ISH_E, AES_ISH_F,
 };
 
 /*
-- 
2.34.1