From 0e9e7d72f3c9eb7ac832746c3034855faaf8d02c Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna
Date: Tue, 19 Nov 2013 23:26:26 +0200
Subject: GCM: GHASH optimizations
* cipher/cipher-gcm.c [GCM_USE_TABLES] (gcmR, ghash): Replace with new. [GCM_USE_TABLES] [GCM_TABLES_USE_U64] (bshift, fillM, do_ghash): New. [GCM_USE_TABLES] [!GCM_TABLES_USE_U64] (bshift, fillM): Replace with new. [GCM_USE_TABLES] [!GCM_TABLES_USE_U64] (do_ghash): New. (_gcry_cipher_gcm_tag): Remove extra memcpy to outbuf and use buf_eq_const for comparing authentication tag. * cipher/cipher-internal.h (gcry_cipher_handle): Different 'gcm_table' for 32-bit and 64-bit platforms. -- Patch improves GHASH speed. Intel Haswell (x86-64): Old: GCM auth | 26.22 ns/B 36.38 MiB/s 83.89 c/B New: GCM auth | 3.18 ns/B 300.0 MiB/s 10.17 c/B Intel Haswell (mingw32): Old: GCM auth | 27.27 ns/B 34.97 MiB/s 87.27 c/B New: GCM auth | 7.58 ns/B 125.7 MiB/s 24.27 c/B Cortex-A8: Old: GCM auth | 231.4 ns/B 4.12 MiB/s 233.3 c/B New: GCM auth | 30.82 ns/B 30.94 MiB/s 31.07 c/B
Signed-off-by: Jussi Kivilinna
---
cipher/cipher-internal.h | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'cipher/cipher-internal.h')
diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h
index 7da9c680..b4d0ff9d 100644
--- a/cipher/cipher-internal.h
+++ b/cipher/cipher-internal.h
@@ -129,7 +129,14 @@ struct gcry_cipher_handle
 int unused; /* Number of unused bytes in LASTIV. */
 unsigned char length[MAX_BLOCKSIZE]; /* bit counters for GCM */
 #ifdef GCM_USE_TABLES
- unsigned char gcm_table[16 * 16]; /* pre-calculated table for GCM */
+ #if defined(HAVE_U64_TYPEDEF) && \
+ (SIZEOF_UNSIGNED_LONG == 8 || defined(__x86_64__))
+ #define GCM_TABLES_USE_U64 1
+ u64 gcm_table[2 * 16]; /* pre-calculated table for GCM */
+ #else
+ #undef GCM_TABLES_USE_U64
+ u32 gcm_table[4 * 16]; /* pre-calculated table for GCM */
+ #endif
 #endif
 union {
--
cgit v1.2.1
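Review bot: `GCM_TABLES_USE_U64` is defined and undefined inside the body of `struct gcry_cipher_handle`, although the commit message shows the same macro selecting the `bshift`/`fillM`/`do_ghash` variants in cipher-gcm.c. The field type and the GHASH code therefore agree only because that file includes this header before testing the macro. Moving the `#if defined(HAVE_U64_TYPEDEF) && ...` selection above the struct, and leaving only the two `gcm_table` declarations inside, would make that dependency explicit. Both declarations also keep the comment `/* pre-calculated table for GCM */`; if the table holds multiples of the hash subkey, as the `fillM` name suggests, a comment such as `/* GHASH lookup table derived from the hash subkey; key-dependent, treat as secret */` would mark it as key material. The lookups themselves are outside this view, so whether they are indexed by data-dependent values (the usual cache-timing concern with table-driven GHASH) has to be checked in cipher-gcm.c; the struct starts and ends outside the hunk.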