Merge pull request #2277 from julek-wolfssl/arm-poly1305

ARM Poly1305

src/include.am

@@ -279,6 +279,9 @@ src_libwolfssl_la_SOURCES += wolfcrypt/src/coding.c
 endif
 
 if BUILD_POLY1305
+if BUILD_ARMASM
+src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-poly1305.c
+endif
 src_libwolfssl_la_SOURCES += wolfcrypt/src/poly1305.c
 if BUILD_INTELASM
 src_libwolfssl_la_SOURCES += wolfcrypt/src/poly1305_asm.S

wolfcrypt/src/poly1305.c

@@ -24,6 +24,7 @@
  * and Daniel J. Bernstein
  */
 
+
 #ifdef HAVE_CONFIG_H
     #include <config.h>
 #endif
@@ -190,7 +191,7 @@ extern void poly1305_final_avx2(Poly1305* ctx, byte* mac);
 #endif
 
 #elif defined(POLY130564)
-
+#ifndef WOLFSSL_ARMASM
     static word64 U8TO64(const byte* p)
     {
         return
@@ -214,7 +215,7 @@ extern void poly1305_final_avx2(Poly1305* ctx, byte* mac);
         p[6] = (v >> 48) & 0xff;
         p[7] = (v >> 56) & 0xff;
     }
-
+#endif/* WOLFSSL_ARMASM */
 #else /* if not 64 bit then use 32 bit */
 
     static word32 U8TO32(const byte *p)
@@ -244,8 +245,9 @@ static void U32TO64(word32 v, byte* p)
     p[3] = (v >> 24) & 0xFF;
 }
 
-static void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
-                            size_t bytes)
+#if !defined(WOLFSSL_ARMASM) || !defined(__aarch64__)
+void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
+                     size_t bytes)
 {
 #ifdef USE_INTEL_SPEEDUP
     /* AVX2 is handled in wc_Poly1305Update. */
@@ -368,7 +370,7 @@ static void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
 #endif /* end of 64 bit cpu blocks or 32 bit cpu */
 }
 
-static void poly1305_block(Poly1305* ctx, const unsigned char *m)
+void poly1305_block(Poly1305* ctx, const unsigned char *m)
 {
 #ifdef USE_INTEL_SPEEDUP
     /* No call to poly1305_block when AVX2, AVX2 does 4 blocks at a time. */
@@ -377,8 +379,9 @@ static void poly1305_block(Poly1305* ctx, const unsigned char *m)
     poly1305_blocks(ctx, m, POLY1305_BLOCK_SIZE);
 #endif
 }
+#endif /* !defined(WOLFSSL_ARMASM) || !defined(__aarch64__) */
 
-
+#if !defined(WOLFSSL_ARMASM) || !defined(__aarch64__)
 int wc_Poly1305SetKey(Poly1305* ctx, const byte* key, word32 keySz)
 {
 #if defined(POLY130564)
@@ -465,7 +468,6 @@ int wc_Poly1305SetKey(Poly1305* ctx, const byte* key, word32 keySz)
     return 0;
 }
 
-
 int wc_Poly1305Final(Poly1305* ctx, byte* mac)
 {
 #ifdef USE_INTEL_SPEEDUP
@@ -646,6 +648,7 @@ int wc_Poly1305Final(Poly1305* ctx, byte* mac)
 
     return 0;
 }
+#endif /* !defined(WOLFSSL_ARMASM) || !defined(__aarch64__) */
 
 
 int wc_Poly1305Update(Poly1305* ctx, const byte* m, word32 bytes)
@@ -818,4 +821,3 @@ int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
 
 }
 #endif /* HAVE_POLY1305 */
-

wolfssl/wolfcrypt/poly1305.h

@@ -82,6 +82,14 @@ typedef struct Poly1305 {
     unsigned char finished;
     unsigned char started;
 #else
+#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
+    ALIGN128 word32 r[5];
+    ALIGN128 word32 r_2[5]; // r^2
+    ALIGN128 word32 r_4[5]; // r^4
+    ALIGN128 word32 h[5];
+    word32 pad[4];
+    word64 leftover;
+#else
 #if defined(POLY130564)
     word64 r[3];
     word64 h[3];
@@ -92,6 +100,7 @@ typedef struct Poly1305 {
     word32 pad[4];
 #endif
     size_t leftover;
+#endif /* WOLFSSL_ARMASM */
     unsigned char buffer[POLY1305_BLOCK_SIZE];
     unsigned char finished;
 #endif
@@ -105,6 +114,10 @@ WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32);
 WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag);
 WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
                                byte* input, word32 sz, byte* tag, word32 tagSz);
+
+void poly1305_block(Poly1305* ctx, const unsigned char *m);
+void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
+                            size_t bytes);
 #ifdef __cplusplus
     } /* extern "C" */
 #endif