24 #if (CRYPTOPP_SSE2_INTRIN_AVAILABLE) 25 # include <xmmintrin.h> 26 # include <emmintrin.h> 29 #if (CRYPTOPP_AESNI_AVAILABLE) 30 # include <tmmintrin.h> 31 # include <wmmintrin.h> 35 extern const char SM4_SIMD_FNAME[] = __FILE__;
37 ANONYMOUS_NAMESPACE_BEGIN
39 using CryptoPP::word32;
41 #if (CRYPTOPP_AESNI_AVAILABLE) 43 template <
unsigned int R>
44 inline __m128i ShiftLeft(
const __m128i& val)
46 return _mm_slli_epi32(val, R);
49 template <
unsigned int R>
50 inline __m128i ShiftRight(
const __m128i& val)
52 return _mm_srli_epi32(val, R);
55 template <
unsigned int R>
56 inline __m128i ShiftLeft64(
const __m128i& val)
58 return _mm_slli_epi64(val, R);
61 template <
unsigned int R>
62 inline __m128i ShiftRight64(
const __m128i& val)
64 return _mm_srli_epi64(val, R);
67 template <
unsigned int R>
68 inline __m128i RotateLeft(
const __m128i& val)
71 _mm_slli_epi32(val, R), _mm_srli_epi32(val, 32-R));
74 template <
unsigned int R>
75 inline __m128i RotateRight(
const __m128i& val)
78 _mm_slli_epi32(val, 32-R), _mm_srli_epi32(val, R));
82 inline __m128i RotateLeft<8>(
const __m128i& val)
84 const __m128i r08 = _mm_set_epi32(0x0E0D0C0F, 0x0A09080B, 0x06050407, 0x02010003);
85 return _mm_shuffle_epi8(val, r08);
89 inline __m128i RotateLeft<16>(
const __m128i& val)
91 const __m128i mask = _mm_set_epi32(0x0D0C0F0E, 0x09080B0A, 0x05040706, 0x01000302);
92 return _mm_shuffle_epi8(val, mask);
96 inline __m128i RotateLeft<24>(
const __m128i& val)
98 const __m128i mask = _mm_set_epi32(0x0C0F0E0D, 0x080B0A09, 0x04070605, 0x00030201);
99 return _mm_shuffle_epi8(val, mask);
110 template <
unsigned int IDX>
111 inline __m128i UnpackXMM(
const __m128i& a,
const __m128i& b,
const __m128i& c,
const __m128i& d)
114 CRYPTOPP_UNUSED(a); CRYPTOPP_UNUSED(b);
115 CRYPTOPP_UNUSED(c); CRYPTOPP_UNUSED(d);
117 return _mm_setzero_si128();
121 inline __m128i UnpackXMM<0>(
const __m128i& a,
const __m128i& b,
const __m128i& c,
const __m128i& d)
123 const __m128i r1 = _mm_unpacklo_epi32(a, b);
124 const __m128i r2 = _mm_unpacklo_epi32(c, d);
125 return _mm_unpacklo_epi64(r1, r2);
129 inline __m128i UnpackXMM<1>(
const __m128i& a,
const __m128i& b,
const __m128i& c,
const __m128i& d)
131 const __m128i r1 = _mm_unpacklo_epi32(a, b);
132 const __m128i r2 = _mm_unpacklo_epi32(c, d);
133 return _mm_unpackhi_epi64(r1, r2);
137 inline __m128i UnpackXMM<2>(
const __m128i& a,
const __m128i& b,
const __m128i& c,
const __m128i& d)
139 const __m128i r1 = _mm_unpackhi_epi32(a, b);
140 const __m128i r2 = _mm_unpackhi_epi32(c, d);
141 return _mm_unpacklo_epi64(r1, r2);
145 inline __m128i UnpackXMM<3>(
const __m128i& a,
const __m128i& b,
const __m128i& c,
const __m128i& d)
147 const __m128i r1 = _mm_unpackhi_epi32(a, b);
148 const __m128i r2 = _mm_unpackhi_epi32(c, d);
149 return _mm_unpackhi_epi64(r1, r2);
157 template <
unsigned int IDX>
158 inline __m128i UnpackXMM(
const __m128i& v)
162 return _mm_setzero_si128();
166 inline __m128i UnpackXMM<0>(
const __m128i& v)
169 return _mm_shuffle_epi8(v, _mm_set_epi8(3,2,1,0, 3,2,1,0, 3,2,1,0, 3,2,1,0));
173 inline __m128i UnpackXMM<1>(
const __m128i& v)
176 return _mm_shuffle_epi8(v, _mm_set_epi8(7,6,5,4, 7,6,5,4, 7,6,5,4, 7,6,5,4));
180 inline __m128i UnpackXMM<2>(
const __m128i& v)
183 return _mm_shuffle_epi8(v, _mm_set_epi8(11,10,9,8, 11,10,9,8, 11,10,9,8, 11,10,9,8));
187 inline __m128i UnpackXMM<3>(
const __m128i& v)
190 return _mm_shuffle_epi8(v, _mm_set_epi8(15,14,13,12, 15,14,13,12, 15,14,13,12, 15,14,13,12));
193 template <
unsigned int IDX>
194 inline __m128i RepackXMM(
const __m128i& a,
const __m128i& b,
const __m128i& c,
const __m128i& d)
196 return UnpackXMM<IDX>(a, b, c, d);
199 template <
unsigned int IDX>
200 inline __m128i RepackXMM(
const __m128i& v)
202 return UnpackXMM<IDX>(v);
205 inline void SM4_Encrypt(__m128i &block0, __m128i &block1,
206 __m128i &block2, __m128i &block3,
const word32 *subkeys)
209 const __m128i c0f = _mm_set_epi32(0x0F0F0F0F, 0x0F0F0F0F, 0x0F0F0F0F, 0x0F0F0F0F);
212 const __m128i flp = _mm_set_epi32(0x0C0D0E0F, 0x08090A0B, 0x04050607, 0x00010203);
215 const __m128i shr = _mm_set_epi32(0x0306090C, 0x0F020508, 0x0B0E0104, 0x070A0D00);
218 const __m128i m1l = _mm_set_epi32(0xC7C1B4B2, 0x22245157, 0x9197E2E4, 0x74720701);
219 const __m128i m1h = _mm_set_epi32(0xF052B91B, 0xF95BB012, 0xE240AB09, 0xEB49A200);
222 const __m128i m2l = _mm_set_epi32(0xEDD14478, 0x172BBE82, 0x5B67F2CE, 0xA19D0834);
223 const __m128i m2h = _mm_set_epi32(0x11CDBE62, 0xCC1063BF, 0xAE7201DD, 0x73AFDC00);
225 __m128i t0 = UnpackXMM<0>(block0, block1, block2, block3);
226 __m128i t1 = UnpackXMM<1>(block0, block1, block2, block3);
227 __m128i t2 = UnpackXMM<2>(block0, block1, block2, block3);
228 __m128i t3 = UnpackXMM<3>(block0, block1, block2, block3);
230 t0 = _mm_shuffle_epi8(t0, flp);
231 t1 = _mm_shuffle_epi8(t1, flp);
232 t2 = _mm_shuffle_epi8(t2, flp);
233 t3 = _mm_shuffle_epi8(t3, flp);
235 const unsigned int ROUNDS = 32;
236 for (
unsigned int i = 0; i < ROUNDS; i++)
238 const __m128i k = _mm_shuffle_epi32(_mm_castps_si128(
239 _mm_load_ss((
const float*)(subkeys+i))), _MM_SHUFFLE(0,0,0,0));
242 x = _mm_xor_si128(t1, _mm_xor_si128(t2, _mm_xor_si128(t3, k)));
244 y = _mm_and_si128(x, c0f);
245 y = _mm_shuffle_epi8(m1l, y);
246 x = _mm_and_si128(ShiftRight64<4>(x), c0f);
247 x = _mm_xor_si128(_mm_shuffle_epi8(m1h, x), y);
249 x = _mm_shuffle_epi8(x, shr);
250 x = _mm_aesenclast_si128(x, c0f);
252 y = _mm_andnot_si128(x, c0f);
253 y = _mm_shuffle_epi8(m2l, y);
254 x = _mm_and_si128(ShiftRight64<4>(x), c0f);
255 x = _mm_xor_si128(_mm_shuffle_epi8(m2h, x), y);
258 y = _mm_xor_si128(x, RotateLeft<8>(x));
259 y = _mm_xor_si128(y, RotateLeft<16>(x));
260 y = _mm_xor_si128(ShiftLeft<2>(y), ShiftRight<30>(y));
261 x = _mm_xor_si128(x, _mm_xor_si128(y, RotateLeft<24>(x)));
264 x = _mm_xor_si128(x, t0);
269 t0 = _mm_shuffle_epi8(t0, flp);
270 t1 = _mm_shuffle_epi8(t1, flp);
271 t2 = _mm_shuffle_epi8(t2, flp);
272 t3 = _mm_shuffle_epi8(t3, flp);
274 block0 = RepackXMM<0>(t3,t2,t1,t0);
275 block1 = RepackXMM<1>(t3,t2,t1,t0);
276 block2 = RepackXMM<2>(t3,t2,t1,t0);
277 block3 = RepackXMM<3>(t3,t2,t1,t0);
280 inline void SM4_Enc_4_Blocks(__m128i &block0, __m128i &block1,
281 __m128i &block2, __m128i &block3,
const word32 *subkeys,
unsigned int )
283 SM4_Encrypt(block0, block1, block2, block3, subkeys);
286 inline void SM4_Dec_4_Blocks(__m128i &block0, __m128i &block1,
287 __m128i &block2, __m128i &block3,
const word32 *subkeys,
unsigned int )
289 SM4_Encrypt(block0, block1, block2, block3, subkeys);
292 inline void SM4_Enc_Block(__m128i &block0,
293 const word32 *subkeys,
unsigned int )
295 __m128i t1 = _mm_setzero_si128();
296 __m128i t2 = _mm_setzero_si128();
297 __m128i t3 = _mm_setzero_si128();
299 SM4_Encrypt(block0, t1, t2, t3, subkeys);
302 inline void SM4_Dec_Block(__m128i &block0,
303 const word32 *subkeys,
unsigned int )
305 __m128i t1 = _mm_setzero_si128();
306 __m128i t2 = _mm_setzero_si128();
307 __m128i t3 = _mm_setzero_si128();
309 SM4_Encrypt(block0, t1, t2, t3, subkeys);
312 #endif // CRYPTOPP_AESNI_AVAILABLE 314 ANONYMOUS_NAMESPACE_END
318 #if defined(CRYPTOPP_AESNI_AVAILABLE) 319 size_t SM4_Enc_AdvancedProcessBlocks_AESNI(
const word32* subKeys,
size_t rounds,
320 const byte *inBlocks,
const byte *xorBlocks, byte *outBlocks,
size_t length, word32 flags)
322 return AdvancedProcessBlocks128_4x1_SSE(SM4_Enc_Block, SM4_Enc_4_Blocks,
323 subKeys, rounds, inBlocks, xorBlocks, outBlocks, length, flags);
325 #endif // CRYPTOPP_AESNI_AVAILABLE Utility functions for the Crypto++ library.
Library configuration file.
Template for AdvancedProcessBlocks and SIMD processing.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Classes for the SM4 block cipher.
Crypto++ library namespace.