Text file src/crypto/internal/fips140/aes/gcm/gcm_s390x.s

     1  // Copyright 2016 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build !purego
     6  
     7  #include "textflag.h"
     8  
     9  // func cryptBlocksGCM(fn code, key, dst, src, buf []byte, cnt *[16]byte)
    10  TEXT ·cryptBlocksGCM(SB),NOSPLIT,$0-112
    11         MOVD    src_len+64(FP), R0
    12         MOVD    buf_base+80(FP), R1
    13         MOVD    cnt+104(FP), R12
    14         LMG     (R12), R2, R3
    15  
    16         // Check that the src size is less than or equal to the buffer size.
    17         MOVD    buf_len+88(FP), R4
    18         CMP     R0, R4
    19         BGT     crash
    20  
    21         // Check that the src size is a multiple of 16-bytes.
    22         MOVD    R0, R4
    23         AND     $0xf, R4
    24         BLT     crash // non-zero
    25  
    26         // Check that the src size is less than or equal to the dst size.
    27         MOVD    dst_len+40(FP), R4
    28         CMP     R0, R4
    29         BGT     crash
    30  
    31         MOVD    R2, R4
    32         MOVD    R2, R6
    33         MOVD    R2, R8
    34         MOVD    R3, R5
    35         MOVD    R3, R7
    36         MOVD    R3, R9
    37         ADDW    $1, R5
    38         ADDW    $2, R7
    39         ADDW    $3, R9
    40  incr:
    41         CMP     R0, $64
    42         BLT     tail
    43         STMG    R2, R9, (R1)
    44         ADDW    $4, R3
    45         ADDW    $4, R5
    46         ADDW    $4, R7
    47         ADDW    $4, R9
    48         MOVD    $64(R1), R1
    49         SUB     $64, R0
    50         BR      incr
    51  tail:
    52         CMP     R0, $0
    53         BEQ     crypt
    54         STMG    R2, R3, (R1)
    55         ADDW    $1, R3
    56         MOVD    $16(R1), R1
    57         SUB     $16, R0
    58         BR      tail
    59  crypt:
    60         STMG    R2, R3, (R12)       // update next counter value
    61         MOVD    fn+0(FP), R0        // function code (encryption)
    62         MOVD    key_base+8(FP), R1  // key
    63         MOVD    buf_base+80(FP), R2 // counter values
    64         MOVD    dst_base+32(FP), R4 // dst
    65         MOVD    src_base+56(FP), R6 // src
    66         MOVD    src_len+64(FP), R7  // len
    67  loop:
    68         KMCTR   R4, R2, R6          // cipher message with counter (KMCTR)
    69         BVS     loop                // branch back if interrupted
    70         RET
    71  crash:
    72         MOVD    $0, (R0)
    73         RET
    74  
    75  
    76  // func ghashAsm(key *gcmHashKey, hash *[16]byte, data []byte)
    77  TEXT ·ghashAsm(SB),NOSPLIT,$32-40
    78  	MOVD    $65, R0 // GHASH function code
    79  	MOVD	key+0(FP), R2
    80  	LMG	(R2), R6, R7
    81  	MOVD	hash+8(FP), R8
    82  	LMG	(R8), R4, R5
    83  	MOVD	$params-32(SP), R1
    84  	STMG	R4, R7, (R1)
    85  	LMG	data+16(FP), R2, R3 // R2=base, R3=len
    86  loop:
    87  	KIMD	R0, R2      // compute intermediate message digest (KIMD)
    88  	BVS     loop        // branch back if interrupted
    89  	MVC     $16, (R1), (R8)
    90  	MOVD	$0, R0
    91  	RET
    92  
    93  // func kmaGCM(fn int, key, dst, src, aad []byte, tag *[16]byte, cnt *[gcmBlockSize]byte)
    94  TEXT ·kmaGCM(SB),NOSPLIT,$112-120
    95  	MOVD	fn+0(FP), R0
    96  	MOVD	$params-112(SP), R1
    97  
    98  	// load ptr/len pairs
    99  	LMG	dst+32(FP), R2, R3 // R2=base R3=len
   100  	LMG	src+56(FP), R4, R5 // R4=base R5=len
   101  	LMG	aad+80(FP), R6, R7 // R6=base R7=len
   102  
   103  	// setup parameters
   104  	MOVD	cnt+112(FP), R8
   105  	XC	$12, (R1), (R1)     // reserved
   106  	MVC	$4, 12(R8), 12(R1)  // set chain value
   107  	MVC	$16, (R8), 64(R1)   // set initial counter value
   108  	XC	$32, 16(R1), 16(R1) // set hash subkey and tag
   109  	SLD	$3, R7, R12
   110  	MOVD	R12, 48(R1)         // set total AAD length
   111  	SLD	$3, R5, R12
   112  	MOVD	R12, 56(R1)         // set total plaintext/ciphertext length
   113  
   114  	LMG	key+8(FP), R8, R9   // R8=base R9=len
   115  	MVC	$16, (R8), 80(R1)   // set key
   116  	CMPBEQ	R9, $16, kma
   117  	MVC	$8, 16(R8), 96(R1)
   118  	CMPBEQ	R9, $24, kma
   119  	MVC	$8, 24(R8), 104(R1)
   120  
   121  kma:
   122  	KMA	R2, R6, R4       // Cipher Message with Authentication
   123  	BVS	kma
   124  
   125  	MOVD	tag+104(FP), R2
   126  	MVC	$16, 16(R1), 0(R2) // copy tag to output
   127  	MOVD	cnt+112(FP), R8
   128  	MVC	$4, 12(R1), 12(R8) // update counter value
   129  
   130  	RET
   131  

View as plain text