Lines Matching +full:0 +full:- +full:9 +full:a +full:- +full:z

2  * RISC-V Vector Crypto Extension Helpers for QEMU.
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 * You should have received a copy of the GNU General Public License along with
21 #include "qemu/host-utils.h"
26 #include "crypto/aes-round.h"
29 #include "exec/helper-proto.h"
35 uint64_t result = 0; in clmul64()
36 for (int j = 63; j >= 0; j--) { in clmul64()
46 uint64_t result = 0; in clmulh64()
47 for (int j = 63; j >= 1; j--) { in clmulh64()
49 result ^= (x >> (64 - j)); in clmulh64()
102 val = ((val & 0x5555555555555555ull) << 1) | in RVVCALL()
103 ((val & 0xAAAAAAAAAAAAAAAAull) >> 1); in RVVCALL()
104 val = ((val & 0x3333333333333333ull) << 2) | in RVVCALL()
105 ((val & 0xCCCCCCCCCCCCCCCCull) >> 2); in RVVCALL()
106 val = ((val & 0x0F0F0F0F0F0F0F0Full) << 4) | in RVVCALL()
107 ((val & 0xF0F0F0F0F0F0F0F0ull) >> 4); in RVVCALL()
121 #define DO_IDENTITY(a) (a) in RVVCALL() argument
131 #define DO_ANDN(a, b) ((a) & ~(b)) in RVVCALL() argument
186 #define DO_SLL(N, M) (N << (M & (sizeof(N) * 8 - 1))) in RVVCALL()
203 uint32_t vl = env->vl; in RVVCALL()
204 uint32_t vstart = env->vstart; in RVVCALL()
206 if (vl % egs != 0 || vstart % egs != 0) { in RVVCALL()
213 round_state->v = round_state->v ^ round_key->v; in xor_round_key()
220 uint32_t vl = env->vl; \
226 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { \
228 round_key.d[0] = *((uint64_t *)vs2 + H8(i * 2 + 0)); \
231 round_state.d[0] = *((uint64_t *)vd + H8(i * 2 + 0)); \
234 *((uint64_t *)vd + H8(i * 2 + 0)) = round_state.d[0]; \
237 env->vstart = 0; \
246 uint32_t vl = env->vl; \
252 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { \
254 round_key.d[0] = *((uint64_t *)vs2 + H8(0)); \
257 round_state.d[0] = *((uint64_t *)vd + H8(i * 2 + 0)); \
260 *((uint64_t *)vd + H8(i * 2 + 0)) = round_state.d[0]; \
263 env->vstart = 0; \
307 uint32_t vl = env->vl;
313 uimm &= 0b1111;
314 if (uimm > 10 || uimm == 0) {
315 uimm ^= 0b1000;
318 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) {
321 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010,
322 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036,
325 rk[0] = vs2[i * 4 + H4(0)];
331 rk[4] = rk[0] ^ (((uint32_t)AES_sbox[(tmp >> 24) & 0xff] << 24) |
332 ((uint32_t)AES_sbox[(tmp >> 16) & 0xff] << 16) |
333 ((uint32_t)AES_sbox[(tmp >> 8) & 0xff] << 8) |
334 ((uint32_t)AES_sbox[(tmp >> 0) & 0xff] << 0))
335 ^ rcon[uimm - 1];
340 vd[i * 4 + H4(0)] = rk[4];
345 env->vstart = 0;
355 uint32_t vl = env->vl; in HELPER()
361 uimm &= 0b1111; in HELPER()
363 uimm ^= 0b1000; in HELPER()
366 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
369 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, in HELPER()
370 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036, in HELPER()
373 rk[0] = vd[i * 4 + H4(0)]; in HELPER()
377 rk[4] = vs2[i * 4 + H4(0)]; in HELPER()
382 if (uimm % 2 == 0) { in HELPER()
384 rk[8] = rk[0] ^ (((uint32_t)AES_sbox[(tmp >> 24) & 0xff] << 24) | in HELPER()
385 ((uint32_t)AES_sbox[(tmp >> 16) & 0xff] << 16) | in HELPER()
386 ((uint32_t)AES_sbox[(tmp >> 8) & 0xff] << 8) | in HELPER()
387 ((uint32_t)AES_sbox[(tmp >> 0) & 0xff] << 0)) in HELPER()
388 ^ rcon[(uimm - 1) / 2]; in HELPER()
390 rk[8] = rk[0] ^ (((uint32_t)AES_sbox[(rk[7] >> 24) & 0xff] << 24) | in HELPER()
391 ((uint32_t)AES_sbox[(rk[7] >> 16) & 0xff] << 16) | in HELPER()
392 ((uint32_t)AES_sbox[(rk[7] >> 8) & 0xff] << 8) | in HELPER()
393 ((uint32_t)AES_sbox[(rk[7] >> 0) & 0xff] << 0)); in HELPER()
395 rk[9] = rk[1] ^ rk[8]; in HELPER()
396 rk[10] = rk[2] ^ rk[9]; in HELPER()
399 vd[i * 4 + H4(0)] = rk[8]; in HELPER()
400 vd[i * 4 + H4(1)] = rk[9]; in HELPER()
404 env->vstart = 0; in HELPER()
432 res[0] = sig1_sha256(vs1[H4(2)]) + vs2[H4(1)] + sig0_sha256(vd[H4(1)]) + in vsha2ms_e32()
433 vd[H4(0)]; in vsha2ms_e32()
437 sig1_sha256(res[0]) + vs2[H4(3)] + sig0_sha256(vd[H4(3)]) + vd[H4(2)]; in vsha2ms_e32()
439 sig1_sha256(res[1]) + vs1[H4(0)] + sig0_sha256(vs2[H4(0)]) + vd[H4(3)]; in vsha2ms_e32()
443 vd[H4(0)] = res[0]; in vsha2ms_e32()
449 res[0] = sig1_sha512(vs1[2]) + vs2[1] + sig0_sha512(vd[1]) + vd[0]; in vsha2ms_e64()
451 res[2] = sig1_sha512(res[0]) + vs2[3] + sig0_sha512(vd[3]) + vd[2]; in vsha2ms_e64()
452 res[3] = sig1_sha512(res[1]) + vs1[0] + sig0_sha512(vs2[0]) + vd[3]; in vsha2ms_e64()
456 vd[0] = res[0]; in vsha2ms_e64()
462 uint32_t sew = FIELD_EX64(env->vtype, VTYPE, VSEW); in HELPER()
467 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
469 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
481 vext_set_elems_1s(vd, vta, env->vl * esz, total_elems * esz); in HELPER()
482 env->vstart = 0; in HELPER()
505 #define ch(x, y, z) ((x & y) ^ ((~x) & z)) argument
507 #define maj(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) argument
511 uint64_t a = vs2[3], b = vs2[2], e = vs2[1], f = vs2[0]; in vsha2c_64() local
512 uint64_t c = vd[3], d = vd[2], g = vd[1], h = vd[0]; in vsha2c_64()
513 uint64_t W0 = vs1[0], W1 = vs1[1]; in vsha2c_64()
515 uint64_t T2 = sum0_64(a) + maj(a, b, c); in vsha2c_64()
523 b = a; in vsha2c_64()
524 a = T1 + T2; in vsha2c_64()
527 T2 = sum0_64(a) + maj(a, b, c); in vsha2c_64()
534 b = a; in vsha2c_64()
535 a = T1 + T2; in vsha2c_64()
537 vd[0] = f; in vsha2c_64()
540 vd[3] = a; in vsha2c_64()
545 uint32_t a = vs2[H4(3)], b = vs2[H4(2)], e = vs2[H4(1)], f = vs2[H4(0)]; in vsha2c_32() local
546 uint32_t c = vd[H4(3)], d = vd[H4(2)], g = vd[H4(1)], h = vd[H4(0)]; in vsha2c_32()
547 uint32_t W0 = vs1[H4(0)], W1 = vs1[H4(1)]; in vsha2c_32()
549 uint32_t T2 = sum0_32(a) + maj(a, b, c); in vsha2c_32()
557 b = a; in vsha2c_32()
558 a = T1 + T2; in vsha2c_32()
561 T2 = sum0_32(a) + maj(a, b, c); in vsha2c_32()
568 b = a; in vsha2c_32()
569 a = T1 + T2; in vsha2c_32()
571 vd[H4(0)] = f; in vsha2c_32()
574 vd[H4(3)] = a; in vsha2c_32()
584 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
586 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
593 vext_set_elems_1s(vd, vta, env->vl * esz, total_elems * esz); in HELPER()
594 env->vstart = 0; in HELPER()
604 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
606 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
613 vext_set_elems_1s(vd, vta, env->vl * esz, total_elems * esz); in HELPER()
614 env->vstart = 0; in HELPER()
624 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
626 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
633 vext_set_elems_1s(vd, vta, env->vl * esz, total_elems * esz); in HELPER()
634 env->vstart = 0; in HELPER()
644 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
646 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
653 vext_set_elems_1s(vd, vta, env->vl * esz, total_elems * esz); in HELPER()
654 env->vstart = 0; in HELPER()
671 uint32_t esz = memop_size(FIELD_EX64(env->vtype, VTYPE, VSEW)); in HELPER()
678 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
680 for (int i = env->vstart / 8; i < env->vl / 8; i++) { in HELPER()
682 for (int j = 0; j < 8; j++) { in HELPER()
686 for (int j = 0; j < 8; j++) { in HELPER()
690 for (int j = 0; j < 8; j++) { in HELPER()
694 vext_set_elems_1s(vd_vptr, vta, env->vl * esz, total_elems * esz); in HELPER()
695 env->vstart = 0; in HELPER()
698 static inline uint32_t ff1(uint32_t x, uint32_t y, uint32_t z) in ff1() argument
700 return x ^ y ^ z; in ff1()
703 static inline uint32_t ff2(uint32_t x, uint32_t y, uint32_t z) in ff2() argument
705 return (x & y) | (x & z) | (y & z); in ff2()
708 static inline uint32_t ff_j(uint32_t x, uint32_t y, uint32_t z, uint32_t j) in ff_j() argument
710 return (j <= 15) ? ff1(x, y, z) : ff2(x, y, z); in ff_j()
713 static inline uint32_t gg1(uint32_t x, uint32_t y, uint32_t z) in gg1() argument
715 return x ^ y ^ z; in gg1()
718 static inline uint32_t gg2(uint32_t x, uint32_t y, uint32_t z) in gg2() argument
720 return (x & y) | (~x & z); in gg2()
723 static inline uint32_t gg_j(uint32_t x, uint32_t y, uint32_t z, uint32_t j) in gg_j() argument
725 return (j <= 15) ? gg1(x, y, z) : gg2(x, y, z); in gg_j()
730 return (j <= 15) ? 0x79cc4519 : 0x7a879d8a; in t_j()
735 return x ^ rol32(x, 9) ^ rol32(x, 17); in p_0()
743 x0 = vs2[0] ^ vs2[4]; in sm3c()
746 ss1 = rol32(rol32(vs1[0], 12) + vs1[4] + rol32(t_j(j), j % 32), 7); in sm3c()
747 ss2 = ss1 ^ rol32(vs1[0], 12); in sm3c()
748 tt1 = ff_j(vs1[0], vs1[1], vs1[2], j) + vs1[3] + ss2 + x0; in sm3c()
749 tt2 = gg_j(vs1[4], vs1[5], vs1[6], j) + vs1[7] + ss1 + vs2[0]; in sm3c()
751 vd[3] = rol32(vs1[1], 9); in sm3c()
752 vs1[1] = vs1[0]; in sm3c()
763 vd[2] = rol32(vs1[1], 9); in sm3c()
764 vd[0] = tt1; in sm3c()
772 uint32_t esz = memop_size(FIELD_EX64(env->vtype, VTYPE, VSEW)); in HELPER()
779 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
781 for (int i = env->vstart / 8; i < env->vl / 8; i++) { in HELPER()
782 for (int k = 0; k < 8; k++) { in HELPER()
787 for (int k = 0; k < 8; k++) { in HELPER()
791 vext_set_elems_1s(vd_vptr, vta, env->vl * esz, total_elems * esz); in HELPER()
792 env->vstart = 0; in HELPER()
804 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
806 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
807 uint64_t Y[2] = {vd[i * 2 + 0], vd[i * 2 + 1]}; in HELPER()
808 uint64_t H[2] = {brev8(vs2[i * 2 + 0]), brev8(vs2[i * 2 + 1])}; in HELPER()
809 uint64_t X[2] = {vs1[i * 2 + 0], vs1[i * 2 + 1]}; in HELPER()
810 uint64_t Z[2] = {0, 0}; in HELPER() local
812 uint64_t S[2] = {brev8(Y[0] ^ X[0]), brev8(Y[1] ^ X[1])}; in HELPER()
814 for (int j = 0; j < 128; j++) { in HELPER()
816 Z[0] ^= H[0]; in HELPER()
817 Z[1] ^= H[1]; in HELPER()
820 H[1] = H[1] << 1 | H[0] >> 63; in HELPER()
821 H[0] = H[0] << 1; in HELPER()
823 H[0] ^= 0x87; in HELPER()
827 vd[i * 2 + 0] = brev8(Z[0]); in HELPER()
828 vd[i * 2 + 1] = brev8(Z[1]); in HELPER()
831 vext_set_elems_1s(vd, vta, env->vl * 4, total_elems * 4); in HELPER()
832 env->vstart = 0; in HELPER()
843 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
845 for (uint32_t i = env->vstart / 4; i < env->vl / 4; i++) { in HELPER()
846 uint64_t Y[2] = {brev8(vd[i * 2 + 0]), brev8(vd[i * 2 + 1])}; in HELPER()
847 uint64_t H[2] = {brev8(vs2[i * 2 + 0]), brev8(vs2[i * 2 + 1])}; in HELPER()
848 uint64_t Z[2] = {0, 0}; in HELPER() local
850 for (int j = 0; j < 128; j++) { in HELPER()
852 Z[0] ^= H[0]; in HELPER()
853 Z[1] ^= H[1]; in HELPER()
856 H[1] = H[1] << 1 | H[0] >> 63; in HELPER()
857 H[0] = H[0] << 1; in HELPER()
859 H[0] ^= 0x87; in HELPER()
863 vd[i * 2 + 0] = brev8(Z[0]); in HELPER()
864 vd[i * 2 + 1] = brev8(Z[1]); in HELPER()
867 vext_set_elems_1s(vd, vta, env->vl * 4, total_elems * 4); in HELPER()
868 env->vstart = 0; in HELPER()
875 uint32_t rnd = uimm5 & 0x7; in HELPER()
876 uint32_t group_start = env->vstart / egs; in HELPER()
877 uint32_t group_end = env->vl / egs; in HELPER()
881 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
886 uint32_t rk[4] = {0}; in HELPER()
887 uint32_t tmp[8] = {0}; in HELPER()
890 rk[j - vstart] = *((uint32_t *)vs2 + H4(j)); in HELPER()
893 for (uint32_t j = 0; j < egs; ++j) { in HELPER()
897 for (uint32_t j = 0; j < egs; ++j) { in HELPER()
907 *((uint32_t *)vd + H4(j)) = tmp[egs + (j - vstart)]; in HELPER()
911 env->vstart = 0; in HELPER()
913 vext_set_elems_1s(vd, vext_vta(desc), env->vl * esz, total_elems * esz); in HELPER()
922 b = buf[j - 3] ^ buf[j - 2] ^ buf[j - 1] ^ rk[j - 4]; in do_sm4_round()
926 buf[j] = buf[j - 4] ^ (s ^ rol32(s, 2) ^ rol32(s, 10) ^ rol32(s, 18) ^ in do_sm4_round()
934 uint32_t group_start = env->vstart / egs; in HELPER()
935 uint32_t group_end = env->vl / egs; in HELPER()
939 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
944 uint32_t rk[4] = {0}; in HELPER()
945 uint32_t tmp[8] = {0}; in HELPER()
948 rk[j - vstart] = *((uint32_t *)vs2 + H4(j)); in HELPER()
952 tmp[j - vstart] = *((uint32_t *)vd + H4(j)); in HELPER()
958 *((uint32_t *)vd + H4(j)) = tmp[egs + (j - vstart)]; in HELPER()
962 env->vstart = 0; in HELPER()
964 vext_set_elems_1s(vd, vext_vta(desc), env->vl * esz, total_elems * esz); in HELPER()
970 uint32_t group_start = env->vstart / egs; in HELPER()
971 uint32_t group_end = env->vl / egs; in HELPER()
975 VSTART_CHECK_EARLY_EXIT(env, env->vl); in HELPER()
980 uint32_t rk[4] = {0}; in HELPER()
981 uint32_t tmp[8] = {0}; in HELPER()
983 for (uint32_t j = 0; j < egs; ++j) { in HELPER()
988 tmp[j - vstart] = *((uint32_t *)vd + H4(j)); in HELPER()
994 *((uint32_t *)vd + H4(j)) = tmp[egs + (j - vstart)]; in HELPER()
998 env->vstart = 0; in HELPER()
1000 vext_set_elems_1s(vd, vext_vta(desc), env->vl * esz, total_elems * esz); in HELPER()