crypto/aes: move ppc64le to cipher_asm.go

Move the aesCipherGCM struct definition into cipher_asm.go, it is
needed to compile this file, but isn't used on PPC64.

Also, generate a KeySizeError if the key length is not supported
as was done in the ppc64le implementation, and is done in the
generic code.

Change-Id: I025fc63d614b57dac65a18d1ac3dbeec99356292
Reviewed-on: https://go-review.googlesource.com/c/go/+/399254
Reviewed-by: Filippo Valsorda <valsorda@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Paul Murphy <murp@ibm.com>

diff --git a/src/crypto/aes/aes_gcm.go b/src/crypto/aes/aes_gcm.go
index 98fb6d8e9bf3249eec28284c7dc0c9042fc83b05..ebae646a135a95e71eb73cbbdc5d61859d7c9e26 100644 (file)
--- a/src/crypto/aes/aes_gcm.go
+++ b/src/crypto/aes/aes_gcm.go
@@ -39,13 +39,6 @@ const (
 
 var errOpen = errors.New("cipher: message authentication failed")
 
-// aesCipherGCM implements crypto/cipher.gcmAble so that crypto/cipher.NewGCM
-// will use the optimised implementation in this file when possible. Instances
-// of this type only exist when hasGCMAsm returns true.
-type aesCipherGCM struct {
-       aesCipherAsm
-}
-
 // Assert that aesCipherGCM implements the gcmAble interface.
 var _ gcmAble = (*aesCipherGCM)(nil)
 

diff --git a/src/crypto/aes/cipher_asm.go b/src/crypto/aes/cipher_asm.go
index ecc6ccbbfbb6129424c9ea5e893c9c6fd002afc0..9c14a2b21f02c380d6551bf4927963efa6e924ae 100644 (file)
--- a/src/crypto/aes/cipher_asm.go
+++ b/src/crypto/aes/cipher_asm.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build amd64 || arm64
+//go:build amd64 || arm64 || ppc64le
 
 package aes
 
@@ -10,6 +10,7 @@ import (
        "crypto/cipher"
        "crypto/internal/subtle"
        "internal/cpu"
+       "internal/goarch"
 )
 
 import "crypto/internal/boring"
@@ -29,7 +30,15 @@ type aesCipherAsm struct {
        aesCipher
 }
 
-var supportsAES = cpu.X86.HasAES || cpu.ARM64.HasAES
+// aesCipherGCM implements crypto/cipher.gcmAble so that crypto/cipher.NewGCM
+// will use the optimised implementation in aes_gcm.go when possible.
+// Instances of this type only exist when hasGCMAsm returns true. Likewise,
+// the gcmAble implementation is in aes_gcm.go.
+type aesCipherGCM struct {
+       aesCipherAsm
+}
+
+var supportsAES = cpu.X86.HasAES || cpu.ARM64.HasAES || goarch.IsPpc64le == 1
 var supportsGFMUL = cpu.X86.HasPCLMULQDQ || cpu.ARM64.HasPMULL
 
 func newCipher(key []byte) (cipher.Block, error) {
@@ -46,6 +55,8 @@ func newCipher(key []byte) (cipher.Block, error) {
                rounds = 12
        case 256 / 8:
                rounds = 14
+       default:
+               return nil, KeySizeError(len(key))
        }
 
        expandKeyAsm(rounds, &key[0], &c.enc[0], &c.dec[0])

diff --git a/src/crypto/aes/cipher_ppc64le.go b/src/crypto/aes/cipher_ppc64le.go
deleted file mode 100644 (file)
index 1861514..0000000
--- a/src/crypto/aes/cipher_ppc64le.go
+++ /dev/null
@@ -1,87 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package aes
-
-import (
-       "crypto/cipher"
-       "crypto/internal/subtle"
-)
-
-// defined in asm_ppc64le.s
-
-//go:noescape
-func expandKeyAsm(nr int, key *byte, enc *uint32, dec *uint32)
-
-//go:noescape
-func encryptBlockAsm(nr int, xk *uint32, dst, src *byte)
-
-//go:noescape
-func decryptBlockAsm(nr int, xk *uint32, dst, src *byte)
-
-type aesCipherAsm struct {
-       aesCipher
-}
-
-func newCipher(key []byte) (cipher.Block, error) {
-       n := len(key) + 28
-       c := aesCipherAsm{aesCipher{make([]uint32, n), make([]uint32, n)}}
-       k := len(key)
-
-       var rounds int
-       switch len(key) {
-       case 128 / 8:
-               rounds = 10
-       case 192 / 8:
-               rounds = 12
-       case 256 / 8:
-               rounds = 14
-       default:
-               return nil, KeySizeError(k)
-       }
-
-       expandKeyAsm(rounds, &key[0], &c.enc[0], &c.dec[0])
-       return &c, nil
-}
-
-func (c *aesCipherAsm) BlockSize() int { return BlockSize }
-
-func (c *aesCipherAsm) Encrypt(dst, src []byte) {
-       if len(src) < BlockSize {
-               panic("crypto/aes: input not full block")
-       }
-       if len(dst) < BlockSize {
-               panic("crypto/aes: output not full block")
-       }
-       if subtle.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
-               panic("crypto/aes: invalid buffer overlap")
-       }
-       encryptBlockAsm(len(c.enc)/4-1, &c.enc[0], &dst[0], &src[0])
-}
-
-func (c *aesCipherAsm) Decrypt(dst, src []byte) {
-       if len(src) < BlockSize {
-               panic("crypto/aes: input not full block")
-       }
-       if len(dst) < BlockSize {
-               panic("crypto/aes: output not full block")
-       }
-       if subtle.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
-               panic("crypto/aes: invalid buffer overlap")
-       }
-       decryptBlockAsm(len(c.dec)/4-1, &c.dec[0], &dst[0], &src[0])
-}
-
-// expandKey is used by BenchmarkExpand to ensure that the asm implementation
-// of key expansion is used for the benchmark when it is available.
-func expandKey(key []byte, enc, dec []uint32) {
-       rounds := 10 // rounds needed for AES128
-       switch len(key) {
-       case 192 / 8:
-               rounds = 12
-       case 256 / 8:
-               rounds = 14
-       }
-       expandKeyAsm(rounds, &key[0], &enc[0], &dec[0])
-}