diff options
author | Juergen Christ <jchrist@linux.ibm.com> | 2023-03-03 14:36:08 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-03-07 18:21:51 +0100 |
commit | de13699370183ab565f548267afa57e25a921ca9 (patch) | |
tree | e958c1c762c800bea81dd510cacba593a3b92afe | |
parent | 12c4e67675e691d7556a526aa062effff05a6532 (diff) | |
download | openssl-new-de13699370183ab565f548267afa57e25a921ca9.tar.gz |
S390X: Accelerate keccak XOF
The keccak XOF used for KMAC can be simplified by using klmd. This speeds up
XOF processing in cases where more than one result block is needed.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20431)
-rw-r--r-- | crypto/s390x_arch.h | 1 | ||||
-rw-r--r-- | providers/implementations/digests/sha3_prov.c | 13 |
2 files changed, 6 insertions, 8 deletions
diff --git a/crypto/s390x_arch.h b/crypto/s390x_arch.h index cfb3460d5b..3f7dac2e74 100644 --- a/crypto/s390x_arch.h +++ b/crypto/s390x_arch.h @@ -182,5 +182,6 @@ extern int OPENSSL_s390xcex; # define S390X_KMA_LAAD 0x200 # define S390X_KMA_HS 0x400 # define S390X_KDSA_D 0x80 +# define S390X_KLMD_PS 0x100 #endif diff --git a/providers/implementations/digests/sha3_prov.c b/providers/implementations/digests/sha3_prov.c index 33dc6660bf..825d3249fa 100644 --- a/providers/implementations/digests/sha3_prov.c +++ b/providers/implementations/digests/sha3_prov.c @@ -183,7 +183,6 @@ static int s390x_keccakc_final(unsigned char *md, void *vctx, int padding) size_t bsz = ctx->block_size; size_t num = ctx->bufsz; size_t needed = ctx->md_size; - static const unsigned char empty[KECCAK1600_WIDTH / 8] = {0}; if (!ossl_prov_is_running()) return 0; @@ -193,13 +192,11 @@ static int s390x_keccakc_final(unsigned char *md, void *vctx, int padding) ctx->buf[num] = padding; ctx->buf[bsz - 1] |= 0x80; s390x_kimd(ctx->buf, bsz, ctx->pad, ctx->A); - while (needed > bsz) { - memcpy(md, ctx->A, bsz); - needed -= bsz; - md += bsz; - s390x_kimd(empty, bsz, ctx->pad, ctx->A); - } - memcpy(md, ctx->A, needed); + num = needed > bsz ? bsz : needed; + memcpy(md, ctx->A, num); + needed -= num; + if (needed > 0) + s390x_klmd(NULL, 0, md + bsz, needed, ctx->pad | S390X_KLMD_PS, ctx->A); return 1; } |