2017-05-05 02:34:52 +00:00
|
|
|
/**
|
|
|
|
* Author......: See docs/credits.txt
|
|
|
|
* License.....: MIT
|
|
|
|
*/
|
|
|
|
|
|
|
|
#define NEW_SIMD_CODE
|
|
|
|
|
2019-03-22 14:16:25 +00:00
|
|
|
#ifdef KERNEL_STATIC
|
2019-03-21 22:00:38 +00:00
|
|
|
#include "inc_vendor.h"
|
|
|
|
#include "inc_types.h"
|
2017-05-05 02:34:52 +00:00
|
|
|
#include "inc_common.cl"
|
2017-08-11 09:25:47 +00:00
|
|
|
#include "inc_rp_optimized.h"
|
|
|
|
#include "inc_rp_optimized.cl"
|
2017-05-05 02:34:52 +00:00
|
|
|
#include "inc_simd.cl"
|
2019-03-22 14:16:25 +00:00
|
|
|
#endif
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2019-03-08 11:50:31 +00:00
|
|
|
typedef struct chacha20
|
|
|
|
{
|
|
|
|
u32 iv[2];
|
|
|
|
u32 plain[2];
|
|
|
|
u32 position[2];
|
|
|
|
u32 offset;
|
|
|
|
|
|
|
|
} chacha20_t;
|
|
|
|
|
2017-05-06 18:24:50 +00:00
|
|
|
#define CHACHA_CONST_00 0x61707865
|
|
|
|
#define CHACHA_CONST_01 0x3320646e
|
|
|
|
#define CHACHA_CONST_02 0x79622d32
|
|
|
|
#define CHACHA_CONST_03 0x6b206574
|
|
|
|
|
|
|
|
#define QR(a, b, c, d) \
|
|
|
|
do { \
|
|
|
|
x[a] = x[a] + x[b]; \
|
|
|
|
x[d] = rotl32(x[d] ^ x[a], 16); \
|
|
|
|
x[c] = x[c] + x[d]; \
|
|
|
|
x[b] = rotl32(x[b] ^ x[c], 12); \
|
|
|
|
x[a] = x[a] + x[b]; \
|
|
|
|
x[d] = rotl32(x[d] ^ x[a], 8); \
|
|
|
|
x[c] = x[c] + x[d]; \
|
|
|
|
x[b] = rotl32(x[b] ^ x[c], 7); \
|
|
|
|
} while (0);
|
|
|
|
|
2018-07-22 09:47:42 +00:00
|
|
|
DECLSPEC void chacha20_transform (const u32x *w0, const u32x *w1, const u32 *position, const u32 offset, const u32 *iv, const u32 *plain, u32x *digest)
|
2017-05-06 18:24:50 +00:00
|
|
|
{
|
2017-05-15 22:34:34 +00:00
|
|
|
/**
|
|
|
|
* Key expansion
|
|
|
|
*/
|
|
|
|
|
2017-05-06 18:24:50 +00:00
|
|
|
u32x ctx[16];
|
2018-11-01 19:17:02 +00:00
|
|
|
|
2017-05-06 18:24:50 +00:00
|
|
|
ctx[ 0] = CHACHA_CONST_00;
|
|
|
|
ctx[ 1] = CHACHA_CONST_01;
|
|
|
|
ctx[ 2] = CHACHA_CONST_02;
|
|
|
|
ctx[ 3] = CHACHA_CONST_03;
|
2018-11-01 19:17:02 +00:00
|
|
|
ctx[ 4] = w0[0];
|
2017-05-06 18:24:50 +00:00
|
|
|
ctx[ 5] = w0[1];
|
|
|
|
ctx[ 6] = w0[2];
|
|
|
|
ctx[ 7] = w0[3];
|
|
|
|
ctx[ 8] = w1[0];
|
|
|
|
ctx[ 9] = w1[1];
|
|
|
|
ctx[10] = w1[2];
|
|
|
|
ctx[11] = w1[3];
|
2017-05-07 18:02:00 +00:00
|
|
|
ctx[12] = position[0];
|
|
|
|
ctx[13] = position[1];
|
2017-05-06 18:24:50 +00:00
|
|
|
ctx[14] = iv[1];
|
|
|
|
ctx[15] = iv[0];
|
|
|
|
|
2017-05-15 22:34:34 +00:00
|
|
|
/**
|
|
|
|
* Generate 64 byte keystream
|
|
|
|
*/
|
|
|
|
|
|
|
|
u32x x[32];
|
2017-05-06 18:24:50 +00:00
|
|
|
|
|
|
|
x[ 0] = ctx[ 0];
|
|
|
|
x[ 1] = ctx[ 1];
|
|
|
|
x[ 2] = ctx[ 2];
|
|
|
|
x[ 3] = ctx[ 3];
|
|
|
|
x[ 4] = ctx[ 4];
|
|
|
|
x[ 5] = ctx[ 5];
|
|
|
|
x[ 6] = ctx[ 6];
|
|
|
|
x[ 7] = ctx[ 7];
|
|
|
|
x[ 8] = ctx[ 8];
|
|
|
|
x[ 9] = ctx[ 9];
|
|
|
|
x[10] = ctx[10];
|
|
|
|
x[11] = ctx[11];
|
|
|
|
x[12] = ctx[12];
|
|
|
|
x[13] = ctx[13];
|
|
|
|
x[14] = ctx[14];
|
|
|
|
x[15] = ctx[15];
|
|
|
|
|
2017-05-16 23:59:46 +00:00
|
|
|
#pragma unroll
|
2018-11-01 19:17:02 +00:00
|
|
|
for (u8 i = 0; i < 10; i++)
|
2017-05-07 18:02:00 +00:00
|
|
|
{
|
2017-05-06 18:24:50 +00:00
|
|
|
/* Column round */
|
|
|
|
QR(0, 4, 8, 12);
|
|
|
|
QR(1, 5, 9, 13);
|
|
|
|
QR(2, 6, 10, 14);
|
|
|
|
QR(3, 7, 11, 15);
|
|
|
|
|
|
|
|
/* Diagonal round */
|
|
|
|
QR(0, 5, 10, 15);
|
|
|
|
QR(1, 6, 11, 12);
|
|
|
|
QR(2, 7, 8, 13);
|
|
|
|
QR(3, 4, 9, 14);
|
|
|
|
}
|
|
|
|
|
|
|
|
x[ 0] += ctx[ 0];
|
|
|
|
x[ 1] += ctx[ 1];
|
|
|
|
x[ 2] += ctx[ 2];
|
|
|
|
x[ 3] += ctx[ 3];
|
|
|
|
x[ 4] += ctx[ 4];
|
|
|
|
x[ 5] += ctx[ 5];
|
|
|
|
x[ 6] += ctx[ 6];
|
|
|
|
x[ 7] += ctx[ 7];
|
|
|
|
x[ 8] += ctx[ 8];
|
|
|
|
x[ 9] += ctx[ 9];
|
|
|
|
x[10] += ctx[10];
|
|
|
|
x[11] += ctx[11];
|
|
|
|
x[12] += ctx[12];
|
|
|
|
x[13] += ctx[13];
|
|
|
|
x[14] += ctx[14];
|
|
|
|
x[15] += ctx[15];
|
2017-05-15 12:47:40 +00:00
|
|
|
|
2017-05-16 02:49:44 +00:00
|
|
|
if (offset > 56)
|
2017-05-15 22:34:34 +00:00
|
|
|
{
|
|
|
|
/**
|
2018-11-01 19:17:02 +00:00
|
|
|
* Generate a second 64 byte keystream
|
2017-05-15 22:34:34 +00:00
|
|
|
*/
|
2018-11-01 19:17:02 +00:00
|
|
|
|
2017-05-15 22:34:34 +00:00
|
|
|
ctx[12]++;
|
2018-11-01 19:17:02 +00:00
|
|
|
|
2017-05-15 22:34:34 +00:00
|
|
|
if (all(ctx[12] == 0)) ctx[13]++;
|
|
|
|
|
|
|
|
x[16] = ctx[ 0];
|
|
|
|
x[17] = ctx[ 1];
|
|
|
|
x[18] = ctx[ 2];
|
|
|
|
x[19] = ctx[ 3];
|
|
|
|
x[20] = ctx[ 4];
|
|
|
|
x[21] = ctx[ 5];
|
|
|
|
x[22] = ctx[ 6];
|
|
|
|
x[23] = ctx[ 7];
|
|
|
|
x[24] = ctx[ 8];
|
|
|
|
x[25] = ctx[ 9];
|
|
|
|
x[26] = ctx[10];
|
|
|
|
x[27] = ctx[11];
|
|
|
|
x[28] = ctx[12];
|
|
|
|
x[29] = ctx[13];
|
|
|
|
x[30] = ctx[14];
|
|
|
|
x[31] = ctx[15];
|
|
|
|
|
2017-05-16 23:59:46 +00:00
|
|
|
#pragma unroll
|
|
|
|
for (u8 i = 0; i < 10; i++)
|
2017-05-15 22:34:34 +00:00
|
|
|
{
|
|
|
|
/* Column round */
|
|
|
|
QR(16, 20, 24, 28);
|
|
|
|
QR(17, 21, 25, 29);
|
|
|
|
QR(18, 22, 26, 30);
|
|
|
|
QR(19, 23, 27, 31);
|
|
|
|
|
|
|
|
/* Diagonal round */
|
|
|
|
QR(16, 21, 26, 31);
|
|
|
|
QR(17, 22, 27, 28);
|
|
|
|
QR(18, 23, 24, 29);
|
|
|
|
QR(19, 20, 25, 30);
|
|
|
|
}
|
|
|
|
|
|
|
|
x[16] += ctx[ 0];
|
|
|
|
x[17] += ctx[ 1];
|
|
|
|
x[18] += ctx[ 2];
|
|
|
|
x[19] += ctx[ 3];
|
|
|
|
x[20] += ctx[ 4];
|
|
|
|
x[21] += ctx[ 5];
|
|
|
|
x[22] += ctx[ 6];
|
|
|
|
x[23] += ctx[ 7];
|
|
|
|
x[24] += ctx[ 8];
|
|
|
|
x[25] += ctx[ 9];
|
|
|
|
x[26] += ctx[10];
|
|
|
|
x[27] += ctx[11];
|
|
|
|
x[28] += ctx[12];
|
|
|
|
x[29] += ctx[13];
|
|
|
|
x[30] += ctx[14];
|
|
|
|
x[31] += ctx[15];
|
|
|
|
}
|
2017-05-15 12:47:40 +00:00
|
|
|
|
2017-05-16 02:49:44 +00:00
|
|
|
/**
|
|
|
|
* Encrypt plaintext with keystream
|
|
|
|
*/
|
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
const u32 index = offset / 4;
|
|
|
|
const u32 remain = offset % 4;
|
2017-05-15 12:47:40 +00:00
|
|
|
|
|
|
|
digest[0] = plain[1];
|
|
|
|
digest[1] = plain[0];
|
|
|
|
|
|
|
|
if (remain > 0)
|
|
|
|
{
|
2017-05-17 11:35:56 +00:00
|
|
|
digest[1] ^= x[index + 0] >> ( 0 + remain * 8);
|
|
|
|
digest[1] ^= x[index + 1] << (32 - remain * 8);
|
2017-05-15 12:47:40 +00:00
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
digest[0] ^= x[index + 1] >> ( 0 + remain * 8);
|
2018-11-01 19:17:02 +00:00
|
|
|
digest[0] ^= x[index + 2] << (32 - remain * 8);
|
2017-05-15 12:47:40 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
digest[1] ^= x[index + 0];
|
2018-11-01 19:17:02 +00:00
|
|
|
digest[0] ^= x[index + 1];
|
2017-05-15 12:47:40 +00:00
|
|
|
}
|
2018-11-01 19:17:02 +00:00
|
|
|
}
|
2017-05-06 18:24:50 +00:00
|
|
|
|
2018-11-16 09:38:22 +00:00
|
|
|
__kernel void m15400_m04 (KERN_ATTR_RULES_ESALT (chacha20_t))
|
2018-11-01 19:17:02 +00:00
|
|
|
{
|
2017-05-05 02:34:52 +00:00
|
|
|
/**
|
|
|
|
* modifier
|
|
|
|
*/
|
|
|
|
|
2017-08-19 14:39:22 +00:00
|
|
|
const u64 gid = get_global_id (0);
|
|
|
|
const u64 lid = get_local_id (0);
|
2017-05-05 02:34:52 +00:00
|
|
|
|
|
|
|
u32 pw_buf0[4];
|
|
|
|
u32 pw_buf1[4];
|
|
|
|
|
|
|
|
pw_buf0[0] = pws[gid].i[0];
|
|
|
|
pw_buf0[1] = pws[gid].i[1];
|
|
|
|
pw_buf0[2] = pws[gid].i[2];
|
|
|
|
pw_buf0[3] = pws[gid].i[3];
|
|
|
|
pw_buf1[0] = pws[gid].i[4];
|
|
|
|
pw_buf1[1] = pws[gid].i[5];
|
|
|
|
pw_buf1[2] = pws[gid].i[6];
|
|
|
|
pw_buf1[3] = pws[gid].i[7];
|
|
|
|
|
2018-11-20 14:26:46 +00:00
|
|
|
const u32 pw_len = pws[gid].pw_len & 63;
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-14 11:17:51 +00:00
|
|
|
/**
|
2018-11-01 19:17:02 +00:00
|
|
|
* Salt prep
|
2017-05-14 11:17:51 +00:00
|
|
|
*/
|
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
u32 iv[2] = { 0 };
|
|
|
|
u32 plain[2] = { 0 };
|
2017-05-07 18:02:00 +00:00
|
|
|
u32 position[2] = { 0 };
|
2017-05-17 11:35:56 +00:00
|
|
|
u32 offset = 0;
|
2017-05-07 18:02:00 +00:00
|
|
|
|
2017-05-16 23:59:46 +00:00
|
|
|
position[0] = esalt_bufs[digests_offset].position[0];
|
|
|
|
position[1] = esalt_bufs[digests_offset].position[1];
|
2017-05-07 18:02:00 +00:00
|
|
|
|
2017-05-16 23:59:46 +00:00
|
|
|
offset = esalt_bufs[digests_offset].offset;
|
2017-05-15 12:47:40 +00:00
|
|
|
|
2017-05-16 23:59:46 +00:00
|
|
|
iv[0] = esalt_bufs[digests_offset].iv[0];
|
|
|
|
iv[1] = esalt_bufs[digests_offset].iv[1];
|
2017-05-07 01:03:14 +00:00
|
|
|
|
2017-05-16 23:59:46 +00:00
|
|
|
plain[0] = esalt_bufs[digests_offset].plain[0];
|
|
|
|
plain[1] = esalt_bufs[digests_offset].plain[1];
|
2017-05-07 01:03:14 +00:00
|
|
|
|
2017-05-05 02:34:52 +00:00
|
|
|
/**
|
|
|
|
* loop
|
|
|
|
*/
|
|
|
|
|
|
|
|
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
|
|
|
|
{
|
|
|
|
u32x w0[4] = { 0 };
|
|
|
|
u32x w1[4] = { 0 };
|
|
|
|
|
|
|
|
const u32x out_len = apply_rules_vect(pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
|
|
|
|
|
2017-05-07 01:03:14 +00:00
|
|
|
u32x digest[4] = { 0 };
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-15 12:47:40 +00:00
|
|
|
chacha20_transform (w0, w1, position, offset, iv, plain, digest);
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-07 01:03:14 +00:00
|
|
|
const u32x r0 = digest[0];
|
|
|
|
const u32x r1 = digest[1];
|
|
|
|
const u32x r2 = digest[2];
|
|
|
|
const u32x r3 = digest[3];
|
2017-05-05 02:34:52 +00:00
|
|
|
|
|
|
|
COMPARE_M_SIMD(r0, r1, r2, r3);
|
2018-11-01 19:17:02 +00:00
|
|
|
}
|
2017-05-05 02:34:52 +00:00
|
|
|
}
|
|
|
|
|
2018-11-16 09:38:22 +00:00
|
|
|
__kernel void m15400_m08 (KERN_ATTR_RULES_ESALT (chacha20_t))
|
2017-05-05 02:34:52 +00:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2018-11-16 09:38:22 +00:00
|
|
|
__kernel void m15400_m16 (KERN_ATTR_RULES_ESALT (chacha20_t))
|
2017-05-05 02:34:52 +00:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2018-11-16 09:38:22 +00:00
|
|
|
__kernel void m15400_s04 (KERN_ATTR_RULES_ESALT (chacha20_t))
|
2018-11-01 19:17:02 +00:00
|
|
|
{
|
2017-05-05 02:34:52 +00:00
|
|
|
/**
|
|
|
|
* modifier
|
|
|
|
*/
|
|
|
|
|
2017-08-19 14:39:22 +00:00
|
|
|
const u64 lid = get_local_id (0);
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-08-19 14:39:22 +00:00
|
|
|
const u64 gid = get_global_id (0);
|
2017-05-05 02:34:52 +00:00
|
|
|
|
|
|
|
if (gid >= gid_max) return;
|
|
|
|
|
|
|
|
u32 pw_buf0[4];
|
|
|
|
u32 pw_buf1[4];
|
|
|
|
|
|
|
|
pw_buf0[0] = pws[gid].i[0];
|
|
|
|
pw_buf0[1] = pws[gid].i[1];
|
|
|
|
pw_buf0[2] = pws[gid].i[2];
|
|
|
|
pw_buf0[3] = pws[gid].i[3];
|
|
|
|
pw_buf1[0] = pws[gid].i[4];
|
|
|
|
pw_buf1[1] = pws[gid].i[5];
|
|
|
|
pw_buf1[2] = pws[gid].i[6];
|
|
|
|
pw_buf1[3] = pws[gid].i[7];
|
|
|
|
|
2018-11-20 14:26:46 +00:00
|
|
|
const u32 pw_len = pws[gid].pw_len & 63;
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-14 11:17:51 +00:00
|
|
|
/**
|
|
|
|
* Salt prep
|
|
|
|
*/
|
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
u32 iv[2] = { 0 };
|
|
|
|
u32 plain[2] = { 0 };
|
2017-05-07 18:02:00 +00:00
|
|
|
u32 position[2] = { 0 };
|
2017-05-17 11:35:56 +00:00
|
|
|
u32 offset = 0;
|
2017-05-07 18:02:00 +00:00
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
position[0] = esalt_bufs[digests_offset].position[0];
|
|
|
|
position[1] = esalt_bufs[digests_offset].position[1];
|
2017-05-07 18:02:00 +00:00
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
offset = esalt_bufs[digests_offset].offset;
|
2017-05-15 12:47:40 +00:00
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
iv[0] = esalt_bufs[digests_offset].iv[0];
|
|
|
|
iv[1] = esalt_bufs[digests_offset].iv[1];
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-17 11:35:56 +00:00
|
|
|
plain[0] = esalt_bufs[digests_offset].plain[0];
|
|
|
|
plain[1] = esalt_bufs[digests_offset].plain[1];
|
2018-11-01 19:17:02 +00:00
|
|
|
|
2017-05-05 02:34:52 +00:00
|
|
|
/**
|
|
|
|
* digest
|
|
|
|
*/
|
|
|
|
|
|
|
|
const u32 search[4] =
|
|
|
|
{
|
|
|
|
digests_buf[digests_offset].digest_buf[DGST_R0],
|
|
|
|
digests_buf[digests_offset].digest_buf[DGST_R1],
|
|
|
|
digests_buf[digests_offset].digest_buf[DGST_R2],
|
|
|
|
digests_buf[digests_offset].digest_buf[DGST_R3]
|
|
|
|
};
|
2018-11-01 19:17:02 +00:00
|
|
|
|
2017-05-05 02:34:52 +00:00
|
|
|
/**
|
|
|
|
* loop
|
|
|
|
*/
|
|
|
|
|
|
|
|
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
|
|
|
|
{
|
|
|
|
u32x w0[4] = { 0 };
|
|
|
|
u32x w1[4] = { 0 };
|
2018-11-01 19:17:02 +00:00
|
|
|
|
2017-05-05 02:34:52 +00:00
|
|
|
const u32x out_len = apply_rules_vect(pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
|
|
|
|
|
2017-05-06 18:24:50 +00:00
|
|
|
u32x digest[4] = { 0 };
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-15 12:47:40 +00:00
|
|
|
chacha20_transform (w0, w1, position, offset, iv, plain, digest);
|
2017-05-05 02:34:52 +00:00
|
|
|
|
2017-05-07 00:40:10 +00:00
|
|
|
const u32x r0 = digest[0];
|
|
|
|
const u32x r1 = digest[1];
|
|
|
|
const u32x r2 = digest[2];
|
|
|
|
const u32x r3 = digest[3];
|
2017-05-05 02:34:52 +00:00
|
|
|
|
|
|
|
COMPARE_S_SIMD(r0, r1, r2, r3);
|
2018-11-01 19:17:02 +00:00
|
|
|
}
|
2017-05-05 02:34:52 +00:00
|
|
|
}
|
|
|
|
|
2018-11-16 09:38:22 +00:00
|
|
|
__kernel void m15400_s08 (KERN_ATTR_RULES_ESALT (chacha20_t))
|
2017-05-05 02:34:52 +00:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2018-11-16 09:38:22 +00:00
|
|
|
__kernel void m15400_s16 (KERN_ATTR_RULES_ESALT (chacha20_t))
|
2017-05-05 02:34:52 +00:00
|
|
|
{
|
|
|
|
}
|