mirror of
https://github.com/autc04/Retro68.git
synced 2024-12-12 11:29:30 +00:00
98 lines
2.6 KiB
Go
98 lines
2.6 KiB
Go
// Copyright 2016 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// +build ignore
|
|
|
|
package aes
|
|
|
|
import (
|
|
"crypto/cipher"
|
|
"crypto/internal/subtle"
|
|
"internal/cpu"
|
|
)
|
|
|
|
type code int
|
|
|
|
// Function codes for the cipher message family of instructions.
|
|
const (
|
|
aes128 code = 18
|
|
aes192 = 19
|
|
aes256 = 20
|
|
)
|
|
|
|
type aesCipherAsm struct {
|
|
function code // code for cipher message instruction
|
|
key []byte // key (128, 192 or 256 bits)
|
|
storage [32]byte // array backing key slice
|
|
}
|
|
|
|
// cryptBlocks invokes the cipher message (KM) instruction with
|
|
// the given function code. This is equivalent to AES in ECB
|
|
// mode. The length must be a multiple of BlockSize (16).
|
|
//go:noescape
|
|
func cryptBlocks(c code, key, dst, src *byte, length int)
|
|
|
|
func newCipher(key []byte) (cipher.Block, error) {
|
|
// The aesCipherAsm type implements the cbcEncAble, cbcDecAble,
|
|
// ctrAble and gcmAble interfaces. We therefore need to check
|
|
// for all the features required to implement these modes.
|
|
// Keep in sync with crypto/tls/common.go.
|
|
if !(cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR && (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM)) {
|
|
return newCipherGeneric(key)
|
|
}
|
|
|
|
var function code
|
|
switch len(key) {
|
|
case 128 / 8:
|
|
function = aes128
|
|
case 192 / 8:
|
|
function = aes192
|
|
case 256 / 8:
|
|
function = aes256
|
|
default:
|
|
return nil, KeySizeError(len(key))
|
|
}
|
|
|
|
var c aesCipherAsm
|
|
c.function = function
|
|
c.key = c.storage[:len(key)]
|
|
copy(c.key, key)
|
|
return &c, nil
|
|
}
|
|
|
|
func (c *aesCipherAsm) BlockSize() int { return BlockSize }
|
|
|
|
func (c *aesCipherAsm) Encrypt(dst, src []byte) {
|
|
if len(src) < BlockSize {
|
|
panic("crypto/aes: input not full block")
|
|
}
|
|
if len(dst) < BlockSize {
|
|
panic("crypto/aes: output not full block")
|
|
}
|
|
if subtle.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
|
|
panic("crypto/aes: invalid buffer overlap")
|
|
}
|
|
cryptBlocks(c.function, &c.key[0], &dst[0], &src[0], BlockSize)
|
|
}
|
|
|
|
func (c *aesCipherAsm) Decrypt(dst, src []byte) {
|
|
if len(src) < BlockSize {
|
|
panic("crypto/aes: input not full block")
|
|
}
|
|
if len(dst) < BlockSize {
|
|
panic("crypto/aes: output not full block")
|
|
}
|
|
if subtle.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
|
|
panic("crypto/aes: invalid buffer overlap")
|
|
}
|
|
// The decrypt function code is equal to the function code + 128.
|
|
cryptBlocks(c.function+128, &c.key[0], &dst[0], &src[0], BlockSize)
|
|
}
|
|
|
|
// expandKey is used by BenchmarkExpand. cipher message (KM) does not need key
|
|
// expansion so there is no assembly equivalent.
|
|
func expandKey(key []byte, enc, dec []uint32) {
|
|
expandKeyGo(key, enc, dec)
|
|
}
|