cipher_s390x.go

     1  // Copyright 2016 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build !purego
     6  
     7  package aes
     8  
     9  import (
    10  	"crypto/cipher"
    11  	"crypto/internal/alias"
    12  	"internal/cpu"
    13  )
    14  
    15  type code int
    16  
    17  // Function codes for the cipher message family of instructions.
    18  const (
    19  	aes128 code = 18
    20  	aes192      = 19
    21  	aes256      = 20
    22  )
    23  
    24  type aesCipherAsm struct {
    25  	function code     // code for cipher message instruction
    26  	key      []byte   // key (128, 192 or 256 bits)
    27  	storage  [32]byte // array backing key slice
    28  }
    29  
    30  // cryptBlocks invokes the cipher message (KM) instruction with
    31  // the given function code. This is equivalent to AES in ECB
    32  // mode. The length must be a multiple of BlockSize (16).
    33  //
    34  //go:noescape
    35  func cryptBlocks(c code, key, dst, src *byte, length int)
    36  
    37  func newCipher(key []byte) (cipher.Block, error) {
    38  	// The aesCipherAsm type implements the cbcEncAble, cbcDecAble,
    39  	// ctrAble and gcmAble interfaces. We therefore need to check
    40  	// for all the features required to implement these modes.
    41  	// Keep in sync with crypto/tls/common.go.
    42  	if !(cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR && (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM)) {
    43  		return newCipherGeneric(key)
    44  	}
    45  
    46  	var function code
    47  	switch len(key) {
    48  	case 128 / 8:
    49  		function = aes128
    50  	case 192 / 8:
    51  		function = aes192
    52  	case 256 / 8:
    53  		function = aes256
    54  	default:
    55  		return nil, KeySizeError(len(key))
    56  	}
    57  
    58  	var c aesCipherAsm
    59  	c.function = function
    60  	c.key = c.storage[:len(key)]
    61  	copy(c.key, key)
    62  	return &c, nil
    63  }
    64  
    65  func (c *aesCipherAsm) BlockSize() int { return BlockSize }
    66  
    67  func (c *aesCipherAsm) Encrypt(dst, src []byte) {
    68  	if len(src) < BlockSize {
    69  		panic("crypto/aes: input not full block")
    70  	}
    71  	if len(dst) < BlockSize {
    72  		panic("crypto/aes: output not full block")
    73  	}
    74  	if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
    75  		panic("crypto/aes: invalid buffer overlap")
    76  	}
    77  	cryptBlocks(c.function, &c.key[0], &dst[0], &src[0], BlockSize)
    78  }
    79  
    80  func (c *aesCipherAsm) Decrypt(dst, src []byte) {
    81  	if len(src) < BlockSize {
    82  		panic("crypto/aes: input not full block")
    83  	}
    84  	if len(dst) < BlockSize {
    85  		panic("crypto/aes: output not full block")
    86  	}
    87  	if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
    88  		panic("crypto/aes: invalid buffer overlap")
    89  	}
    90  	// The decrypt function code is equal to the function code + 128.
    91  	cryptBlocks(c.function+128, &c.key[0], &dst[0], &src[0], BlockSize)
    92  }
    93  
    94  // expandKey is used by BenchmarkExpand. cipher message (KM) does not need key
    95  // expansion so there is no assembly equivalent.
    96  func expandKey(key []byte, enc, dec []uint32) {
    97  	expandKeyGo(key, enc, dec)
    98  }
    99
View as plain text